General
Target
169dcb0a9c96559067317b8de65687fe_JaffaCakes118
Size
288KB
Sample
241005-hpwe3avhrc
MD5
169dcb0a9c96559067317b8de65687fe
SHA1
1528dc67122869d8ba85ac4fbdd3467359aa7654
SHA256
8ebafe4eaf4e812f1ededafd0260d438727c7b127748aba00cd4c6e5c241652e
SHA512
5243ac7bf702438f92bfd343fdf9d95d153f7dff4211b943f654f19209eea8d5a6e81f00bb7b13c5d783076e612e990b3b2468ea5d84141116bbaf6edeff9343
SSDEEP
1536:bopXMphhl/dKxHZ+u+SXq/fiTvlATmeX4Z4R4H4i4/o9FKs0z2xoetEPnyexeyZU:7BVww7ucz9/tBH3H3e
Static task
static1
Behavioral task
behavioral1
Sample
169dcb0a9c96559067317b8de65687fe_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
169dcb0a9c96559067317b8de65687fe_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
169dcb0a9c96559067317b8de65687fe_JaffaCakes118
Score
10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2