General
Target: 17b97e5ff8974b521d062fdf2fb1feda_JaffaCakes118
Size: 56KB
Sample: 241006-mj4xgaygql
MD5: 17b97e5ff8974b521d062fdf2fb1feda
SHA1: ce3569f04db7a15d3ce2a725b8afb26395f17a32
SHA256: 01bcb88981aab367c111a35773bb62403d54d0c82be51dbbf2a4a614d785a1b4
SHA512: fc489ddbbda27f89dd64a439ddacdcb224e964c40a7e3690c56d2d5e52a24ac50058d025f813cc51aca69a79935a9e9fcd21b40dda637841d7380bf5ec045c82
SSDEEP: 1536:N97Pk9zlD8HOXlXsX3XnkcUckD98kMEk7I:b7ezlyzkcUckD98kME7
Static task: static1
Behavioral task: behavioral1
Sample: 17b97e5ff8974b521d062fdf2fb1feda_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 17b97e5ff8974b521d062fdf2fb1feda_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2