General
Target: 27c76b441c05611a8f0a4f1c96fb53fc_JaffaCakes118
Size: 96KB
Sample: 241009-avk8aatdrj
MD5: 27c76b441c05611a8f0a4f1c96fb53fc
SHA1: 9f58db1e05a76efb9a6cd0347310473c8b26a52b
SHA256: 85cab72902d50e58f18607b3e286ee8afaf5e9122be5bfe68118ba74d6b88991
SHA512: e258c8186b623500afa46994e791b023f78b7246023d902b51f4ec0d4c695b2410f5d2535ac8667fec9e99d588f73b834d2ed0a123c062a1caa624f2712df16b
SSDEEP: 1536:bFl4oCdnWWrL7Qe25xjlU47I0m73i6EUp:/4fEWC5xjlr7Idp
Static task: static1
Behavioral task: behavioral1
  Sample: 27c76b441c05611a8f0a4f1c96fb53fc_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 27c76b441c05611a8f0a4f1c96fb53fc_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 27c76b441c05611a8f0a4f1c96fb53fc_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2