General
-
Target
162318d9766c511d39dc664d3253441e_JaffaCakes118
-
Size
140KB
-
Sample
241005-ey8j7svfql
-
MD5
162318d9766c511d39dc664d3253441e
-
SHA1
644ab4b8485badd46e7bed7be35b4317fed8310a
-
SHA256
0c335be62b007d024ec9d88b12bc889586df89547ff631cbf0e22592374d1071
-
SHA512
130e06a59a87f55c5f6263b4d40d12b200d154a407d25ca2aee72899784a4cc0bc75c628e6d49f9e9a3383145803d9312c956aef5d6c49c6aef0e5adc8fc13f5
-
SSDEEP
3072:blfHfGL02W2N0fAU9x5Ea3hx4oQZiE5Uw7vI:5/GL012efAU9x5BxrWMl
Malware Config
Targets
-
-
Target
162318d9766c511d39dc664d3253441e_JaffaCakes118
-
Size
140KB
-
MD5
162318d9766c511d39dc664d3253441e
-
SHA1
644ab4b8485badd46e7bed7be35b4317fed8310a
-
SHA256
0c335be62b007d024ec9d88b12bc889586df89547ff631cbf0e22592374d1071
-
SHA512
130e06a59a87f55c5f6263b4d40d12b200d154a407d25ca2aee72899784a4cc0bc75c628e6d49f9e9a3383145803d9312c956aef5d6c49c6aef0e5adc8fc13f5
-
SSDEEP
3072:blfHfGL02W2N0fAU9x5Ea3hx4oQZiE5Uw7vI:5/GL012efAU9x5BxrWMl
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2