General
Target
15879f4f716f9f09bb561e6f830cf3f8_JaffaCakes118
Size
232KB
Sample
241005-a684gswark
MD5
15879f4f716f9f09bb561e6f830cf3f8
SHA1
0df00acd4ee984426062dd82ab0018b5ce577823
SHA256
a2900359ca74be3de45794b44d0aca4286268cc53b4a00d155709a521f8c5166
SHA512
ecfd7ae357728d00644dc9f989b8caeba3de309d3b5c4eeb72a127e2d6f0296edd7392c512f839213075e28f0f98f1f1637a87b3b299262a8f90f1571dbf2bb7
SSDEEP
3072:MpMeBctYwN1Smm727IJCkvIwXX4Ph0ApMX3KKl+Hv/91I/2XrlDuO:MpPBctYwN1S327Y54Ph0TX1kd18Crp
Static task
static1
Behavioral task
behavioral1
Sample
15879f4f716f9f09bb561e6f830cf3f8_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
15879f4f716f9f09bb561e6f830cf3f8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
15879f4f716f9f09bb561e6f830cf3f8_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2