General
Target: 285cd679432aecf27ce003c75f446869_JaffaCakes118
Size: 124KB
Sample: 241009-bq5xkaxhrq
MD5: 285cd679432aecf27ce003c75f446869
SHA1: 755156dc31957dd485dafcce62abc2cb0b6994b6
SHA256: d3491e2d0e0d55820b1a14a89b1947f86182610b4ab501b14eb0b0b8647c27a5
SHA512: 5c5fc6f507d28d0f17f6e71350aab217a032097978395d29c661fa646bac27043f8c17d2261a60c42b22105a3dee6da577d495c7c96cc141a3baa608e3d55754
SSDEEP: 1536:1KEchwRRJuBxeDtMYHa27J14ltxporZ45igHNeG0hQ:0EchwRRJkeV6gJ1uCt45VgQ
Static task: static1
Behavioral task: behavioral1
Sample: 285cd679432aecf27ce003c75f446869_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 285cd679432aecf27ce003c75f446869_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 285cd679432aecf27ce003c75f446869_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
  Hidden Files and Directories (1)
  Modify Registry (2)