General
-
Target
293aa37a7442904b8d3e661cf001e54c_JaffaCakes118
-
Size
172KB
-
Sample
241009-czmm1svcqj
-
MD5
293aa37a7442904b8d3e661cf001e54c
-
SHA1
7d55cac6bedcbbfbf062c81c98bca12450e018bb
-
SHA256
da5fa1446dcf409d7677849c23fa401e179d5262469ab04250946986f24f8fc8
-
SHA512
19d073e2519cf1807359d93c6e3e04c6e763363b56d94c38e4310441993447f6e3afe3a600a05a03e48b9dca8bde2dfce311d2456a9532570e4c51dba6cf3658
-
SSDEEP
3072:7Y3QXXeRgw3tiKnvmb7/D26nYNpnHzqTT8RUFwjkKvLg3dvCgIHzmWZAlGbB6iBg:MAXXeR1UKnvmb7/D26nSnTqTT8RUFwjC
Malware Config
Targets
-
-
Target
293aa37a7442904b8d3e661cf001e54c_JaffaCakes118
-
Size
172KB
-
MD5
293aa37a7442904b8d3e661cf001e54c
-
SHA1
7d55cac6bedcbbfbf062c81c98bca12450e018bb
-
SHA256
da5fa1446dcf409d7677849c23fa401e179d5262469ab04250946986f24f8fc8
-
SHA512
19d073e2519cf1807359d93c6e3e04c6e763363b56d94c38e4310441993447f6e3afe3a600a05a03e48b9dca8bde2dfce311d2456a9532570e4c51dba6cf3658
-
SSDEEP
3072:7Y3QXXeRgw3tiKnvmb7/D26nYNpnHzqTT8RUFwjkKvLg3dvCgIHzmWZAlGbB6iBg:MAXXeR1UKnvmb7/D26nSnTqTT8RUFwjC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2