General
-
Target
15dba174d35163dfd0a70feacca77a87_JaffaCakes118
-
Size
240KB
-
Sample
241005-c9eedsvfre
-
MD5
15dba174d35163dfd0a70feacca77a87
-
SHA1
5b5ded262a2e3def951c61e88495bfd4f48fceca
-
SHA256
a57b89d1d3b5c8e7d8bb77c98a47273cec108958a6b43c7b30e750da2125a195
-
SHA512
c18d13df6b481b560d2d4d683b7ab57231ca71e70136912c7d74bb9cb887dcd455741480004adc166a79465cd18d927af908c964c72d0207d23a6e50329c16e5
-
SSDEEP
6144:CUw3dwqsNwemAB0EqxF6snji81RUinKchhyZS3T/:0dQQJsAD/
Static task
static1
Behavioral task
behavioral1
Sample
15dba174d35163dfd0a70feacca77a87_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
15dba174d35163dfd0a70feacca77a87_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
15dba174d35163dfd0a70feacca77a87_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2