General
-
Target
1306cab47b39155cb4ad089bce0ee414_JaffaCakes118
-
Size
192KB
-
Sample
241004-mvzrwstfnf
-
MD5
1306cab47b39155cb4ad089bce0ee414
-
SHA1
160f770da96e7f1e5b0326cd79adfdd18ad2001b
-
SHA256
b8eb66714268edd0e3ae55dc8de3aa0ffe760efbdcd15c582dba531cf6c814e5
-
SHA512
1234c2261d02777d4c76589f77d07595ec3dd22495ffd3aba91b2cb684ffdb842fbc2b477a436adf5250d1009b775b903cabd5283a0999d0c94a53cfd84a449a
-
SSDEEP
3072:8QZuCWv2JQcFBKBJy6apbuD2VMbj1hlUywbbo9uN:8IBWvUFIJlapu2V21r/jQ
Malware Config
Targets
-
-
Target
1306cab47b39155cb4ad089bce0ee414_JaffaCakes118
-
Size
192KB
-
MD5
1306cab47b39155cb4ad089bce0ee414
-
SHA1
160f770da96e7f1e5b0326cd79adfdd18ad2001b
-
SHA256
b8eb66714268edd0e3ae55dc8de3aa0ffe760efbdcd15c582dba531cf6c814e5
-
SHA512
1234c2261d02777d4c76589f77d07595ec3dd22495ffd3aba91b2cb684ffdb842fbc2b477a436adf5250d1009b775b903cabd5283a0999d0c94a53cfd84a449a
-
SSDEEP
3072:8QZuCWv2JQcFBKBJy6apbuD2VMbj1hlUywbbo9uN:8IBWvUFIJlapu2V21r/jQ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2