General
-
Target
135baa67dbc13b627789c256ffa688d0_JaffaCakes118
-
Size
68KB
-
Sample
241004-pmh6aateqj
-
MD5
135baa67dbc13b627789c256ffa688d0
-
SHA1
b5f2a61c3ae188d37c66c76625f61bc6f485b40c
-
SHA256
053c9b13bcc00d424d0c309dba8c9429a6fe0c1a6738328acf6707593bec3bef
-
SHA512
ff5d1712bffdfa806470436349dbb2c01bf0f41f54b6ef4d1eb1d057d8562a7b365bfa1f63e4255abc83c7a9f26a336f4b65340307eb4c512f17033d0ad1be34
-
SSDEEP
768:tcZliTdy8Al+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:qZIx7AcqOK3qowgnt1d
Malware Config
Targets
-
-
Target
135baa67dbc13b627789c256ffa688d0_JaffaCakes118
-
Size
68KB
-
MD5
135baa67dbc13b627789c256ffa688d0
-
SHA1
b5f2a61c3ae188d37c66c76625f61bc6f485b40c
-
SHA256
053c9b13bcc00d424d0c309dba8c9429a6fe0c1a6738328acf6707593bec3bef
-
SHA512
ff5d1712bffdfa806470436349dbb2c01bf0f41f54b6ef4d1eb1d057d8562a7b365bfa1f63e4255abc83c7a9f26a336f4b65340307eb4c512f17033d0ad1be34
-
SSDEEP
768:tcZliTdy8Al+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:qZIx7AcqOK3qowgnt1d
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2