General
-
Target
125c3f679ebe7849d37ac96188c674ec_JaffaCakes118
-
Size
344KB
-
Sample
241004-h3d3yavemc
-
MD5
125c3f679ebe7849d37ac96188c674ec
-
SHA1
33b4deb723798c8b236202e18734203a8e0f2d9e
-
SHA256
bf0958b198936315a9588042e8fb4eeb1360f9322b4f19b06b462088dea7c339
-
SHA512
c4371913c073f3d9f9d375b3bf8aa08ea848c351a78a89952dda477c02fa993801504628959faffbd4d2311fd3d469526b7e4adce5c0fe51541cace1edbea14b
-
SSDEEP
6144:DvDci6eqaPzJwCT0znucerL3tjRs2Ufg/4t/S2rBTATZUEUxDuus5As01uudY+o5:jUaPfjRsQ6S2NdX5oe2
Malware Config
Targets
-
-
Target
125c3f679ebe7849d37ac96188c674ec_JaffaCakes118
-
Size
344KB
-
MD5
125c3f679ebe7849d37ac96188c674ec
-
SHA1
33b4deb723798c8b236202e18734203a8e0f2d9e
-
SHA256
bf0958b198936315a9588042e8fb4eeb1360f9322b4f19b06b462088dea7c339
-
SHA512
c4371913c073f3d9f9d375b3bf8aa08ea848c351a78a89952dda477c02fa993801504628959faffbd4d2311fd3d469526b7e4adce5c0fe51541cace1edbea14b
-
SSDEEP
6144:DvDci6eqaPzJwCT0znucerL3tjRs2Ufg/4t/S2rBTATZUEUxDuus5As01uudY+o5:jUaPfjRsQ6S2NdX5oe2
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2