General
-
Target
2e891d633e92b375b063b99b331f328f_JaffaCakes118
-
Size
244KB
-
Sample
241009-k778patakr
-
MD5
2e891d633e92b375b063b99b331f328f
-
SHA1
454d379b98d0685d8a9cc9e8ea0b7246e0296647
-
SHA256
56af9c5906077fc0e76f85629511a27acb4c067626fade6f3bc2d4190f3ed6e9
-
SHA512
3bdf9d0d118c64192522e7d73ede870e9e86d42b6c4708d7b04a4f50c779d7c4772a77f5fe1cda84cc691ea39fb491a6e204a36433a3b984fc453bd68488a067
-
SSDEEP
768:1lvMavzJieRVwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGBEj7:1RlrJieRKlGVs4emEFbsP0
Malware Config
Targets
-
-
Target
2e891d633e92b375b063b99b331f328f_JaffaCakes118
-
Size
244KB
-
MD5
2e891d633e92b375b063b99b331f328f
-
SHA1
454d379b98d0685d8a9cc9e8ea0b7246e0296647
-
SHA256
56af9c5906077fc0e76f85629511a27acb4c067626fade6f3bc2d4190f3ed6e9
-
SHA512
3bdf9d0d118c64192522e7d73ede870e9e86d42b6c4708d7b04a4f50c779d7c4772a77f5fe1cda84cc691ea39fb491a6e204a36433a3b984fc453bd68488a067
-
SSDEEP
768:1lvMavzJieRVwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGBEj7:1RlrJieRKlGVs4emEFbsP0
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2