General
-
Target
15d9ac33ef3cc8b0a1056c736a24fda0_JaffaCakes118
-
Size
288KB
-
Sample
241005-c7z83svfkg
-
MD5
15d9ac33ef3cc8b0a1056c736a24fda0
-
SHA1
9d691783e39f7aa428c3935ba1c69c31d25afbc0
-
SHA256
bf895b4b509594d7107163f10c0f160b80d8f1cbe926649006545badc3afa8b6
-
SHA512
ace19614144c3bf7dedb3a99af2cab8328a698bcdc42566cdf9dca575393a0ed65f578c3a66b1d75e11169e50b757710cf5e368f16d2e093106f7a0bcb65095e
-
SSDEEP
6144:UWyi1vbGuOdn9Z/QmO6Ckobf3fGCmahGutEU:l1vbGuYnXQmO6Ckobf3fGCmah8U
Static task
static1
Behavioral task
behavioral1
Sample
15d9ac33ef3cc8b0a1056c736a24fda0_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
15d9ac33ef3cc8b0a1056c736a24fda0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
15d9ac33ef3cc8b0a1056c736a24fda0_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2