General
-
Target
2b558b9ec57a3f722d6c1e66c519cc9e_JaffaCakes118
-
Size
240KB
-
Sample
241009-fprqrszhrr
-
MD5
2b558b9ec57a3f722d6c1e66c519cc9e
-
SHA1
b381c21397ae74addbe6bf5589c4e773fee1c119
-
SHA256
ec8cf85517fb463f10dcb6cc5d2e1f887ddf138c7f9de72721c1f08a6c7bb4f0
-
SHA512
8661a70b9043e488ad6b0adaf33243f8d1192681bdcd93e51c40506e433bcb2c987ba3a9e08ff206bad16bc4fa3cee9c7dcdd96d3fb6e5ae8b17921f6a3747d6
-
SSDEEP
6144:GL3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDnQ:G7dQKjeaEEpM
Malware Config
Targets
-
-
Target
2b558b9ec57a3f722d6c1e66c519cc9e_JaffaCakes118
-
Size
240KB
-
MD5
2b558b9ec57a3f722d6c1e66c519cc9e
-
SHA1
b381c21397ae74addbe6bf5589c4e773fee1c119
-
SHA256
ec8cf85517fb463f10dcb6cc5d2e1f887ddf138c7f9de72721c1f08a6c7bb4f0
-
SHA512
8661a70b9043e488ad6b0adaf33243f8d1192681bdcd93e51c40506e433bcb2c987ba3a9e08ff206bad16bc4fa3cee9c7dcdd96d3fb6e5ae8b17921f6a3747d6
-
SSDEEP
6144:GL3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDnQ:G7dQKjeaEEpM
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2