General
Target: 12ea09379c7235150060b956ca4ea781_JaffaCakes118
Size: 260KB
Sample: 241004-l9zj1aybkn
MD5: 12ea09379c7235150060b956ca4ea781
SHA1: 42c4a5912bcbcdb340f930fe74c69731a79a5470
SHA256: 7618f990ca9fa2f7ff0c63ae5417b1fde603e2b9d1ebcba821e887e901585af3
SHA512: bc81ac54e5a8ee4868df9ea6a21292d5fab7defc841b3b924be69c53dab81be62c944c735b05caff2ca956041726158996093e2e1c921fe1e2860aa443c86bc4
SSDEEP: 6144:bdWEgTSrMaIl/jcLijfHFEHWzXvjT85R:bEZTSrMaIqLlI/H85R
Static task: static1
Behavioral task: behavioral1
Sample: 12ea09379c7235150060b956ca4ea781_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 12ea09379c7235150060b956ca4ea781_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 12ea09379c7235150060b956ca4ea781_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2