General
-
Target
2629123b4b27c7405ed62b40b2f602be_JaffaCakes118
-
Size
504KB
-
Sample
241008-11mw6swbqc
-
MD5
2629123b4b27c7405ed62b40b2f602be
-
SHA1
477496cd1a37cd6362c83aef402b1444cde008e3
-
SHA256
42432547fedadc9f3bcd1774b6d7490dac176e57e806d6de3f1e787d925aed77
-
SHA512
1baf1f80a4edf0d49df50307d3084690b4a831cf4613c2dcc31c8faae7445fcbee18944960467bab4d932fc07374e05a89815356e0598a748d919f817ea0f3b6
-
SSDEEP
6144:1yIkEoTgcAwdsuxQUdj18MgLSxaZPTIfhhKfd/O1mTSK014pv3e4:MIG3AwdXmJO4hIJ29Oz14xe4
Malware Config
Targets
-
-
Target
2629123b4b27c7405ed62b40b2f602be_JaffaCakes118
-
Size
504KB
-
MD5
2629123b4b27c7405ed62b40b2f602be
-
SHA1
477496cd1a37cd6362c83aef402b1444cde008e3
-
SHA256
42432547fedadc9f3bcd1774b6d7490dac176e57e806d6de3f1e787d925aed77
-
SHA512
1baf1f80a4edf0d49df50307d3084690b4a831cf4613c2dcc31c8faae7445fcbee18944960467bab4d932fc07374e05a89815356e0598a748d919f817ea0f3b6
-
SSDEEP
6144:1yIkEoTgcAwdsuxQUdj18MgLSxaZPTIfhhKfd/O1mTSK014pv3e4:MIG3AwdXmJO4hIJ29Oz14xe4
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2