General
-
Target
2b3b256254aa56bcaeefec582eb1b387_JaffaCakes118
-
Size
344KB
-
Sample
241009-fkjjlazcpn
-
MD5
2b3b256254aa56bcaeefec582eb1b387
-
SHA1
3b5b50446320a138149dc03f9fec5469422f5fbf
-
SHA256
dc04c7fc28e6b00132edddee0c9334e4c66bdc14d0c5ae2fb4394e26d2639137
-
SHA512
c018927f8330235e64a94570f2591a8b61d240f31e7b01cd4e60319ea9c777bf9c7b6904c697086557dd57f6ca0c2605ba275eaccfe198bf672bb0fd602f1de3
-
SSDEEP
6144:DvD/i6eqaPzJwCT0znucerL3tjRs2Ufg/4t/S2rBTATZUEUxDuus5As01uudY+oc:jjaPfjRsQ6S2NdX5oeD
Malware Config
Targets
-
-
Target
2b3b256254aa56bcaeefec582eb1b387_JaffaCakes118
-
Size
344KB
-
MD5
2b3b256254aa56bcaeefec582eb1b387
-
SHA1
3b5b50446320a138149dc03f9fec5469422f5fbf
-
SHA256
dc04c7fc28e6b00132edddee0c9334e4c66bdc14d0c5ae2fb4394e26d2639137
-
SHA512
c018927f8330235e64a94570f2591a8b61d240f31e7b01cd4e60319ea9c777bf9c7b6904c697086557dd57f6ca0c2605ba275eaccfe198bf672bb0fd602f1de3
-
SSDEEP
6144:DvD/i6eqaPzJwCT0znucerL3tjRs2Ufg/4t/S2rBTATZUEUxDuus5As01uudY+oc:jjaPfjRsQ6S2NdX5oeD
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2