General
-
Target
11e4392b79f6f9d06283ae4cdb7c6901_JaffaCakes118
-
Size
124KB
-
Sample
241004-feptesyhnb
-
MD5
11e4392b79f6f9d06283ae4cdb7c6901
-
SHA1
876e1c001bbcf0ce348d49ccf7b816483da4191e
-
SHA256
efd38796a065a58d2bc0d9d5877da3d986efa5331b5503f1bac0268f50d4f569
-
SHA512
56fdfb75b8f288f0e018384d0ab8ed85db63454a17bd915748459fd6ae4b6c7003d28d217040bc6c55edfcab041e20de4f1505584f873fe4aa08066e644a1079
-
SSDEEP
1536:RkEJhwRMuBxeDtMYHa27J14ltxporZ45iyNeG0h/x:+EJhwRMkeV6gJ1uCt45op
Static task
static1
Behavioral task
behavioral1
Sample
11e4392b79f6f9d06283ae4cdb7c6901_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
11e4392b79f6f9d06283ae4cdb7c6901_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
11e4392b79f6f9d06283ae4cdb7c6901_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2