General

  • Target

    21114d8c1692a12db2394276106bc665_JaffaCakes118

  • Size

    655KB

  • Sample

    241008-mkptyasgqk

  • MD5

    21114d8c1692a12db2394276106bc665

  • SHA1

    0df10aaeb0d1a04bbf3c898aba1e248243c97c72

  • SHA256

    6a52071981858c924d7ef138623368f6736fe09b30099deb3d05ecf33d454262

  • SHA512

    4b2ac1018a6cde01ac0483f16b6dda27a5ce52024da2cd32ed13dc54993a358f4f27d2161a2c037d7174bc32e905731421ab91dc871c4b7cea7b8568ba6fa9ca

  • SSDEEP

    12288:LczJJhqrVPllvKspPTEGWGqWKNiTic4RVavZqpXwuCRXM+:LczJKVdDEGzqWTec4RcZqXfCdn

Score
8/10

Targets

    • Target

      21114d8c1692a12db2394276106bc665_JaffaCakes118

    Score
    8/10
    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Drops file in System32 directory
