General
-
Target
2e9be33885ae6c6251c6ae0aa92b31df_JaffaCakes118
-
Size
96KB
-
Sample
241009-lb1z6sxgrd
-
MD5
2e9be33885ae6c6251c6ae0aa92b31df
-
SHA1
70b2fbb8c6bac7e54e7b3a7e470198feba232ecc
-
SHA256
519d5e3f648ffd89a17ab89de6b1b0a3428e281b2952e67f5c9665be3c1c5ae7
-
SHA512
38041ef8d723d392b5158c82c2a6c24df0b015fb62a9c6db9cd656803cebee4eee7d21b5fb212d1f4d2fcff895057e6cc2d94896d3aa8f64d49f9cb0ab7569b7
-
SSDEEP
1536:eqB2VgzWwmhLmncdkadGVScGYJXeiyCnO+TI4K4I4i404R4Z1VcvsJOpPpMm4/Ns:N2GW6cOadGRJuH7ut/Tdvd+hXV/vU3v/
Static task
static1
Behavioral task
behavioral1
Sample
2e9be33885ae6c6251c6ae0aa92b31df_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2e9be33885ae6c6251c6ae0aa92b31df_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2e9be33885ae6c6251c6ae0aa92b31df_JaffaCakes118
Score
10/10
-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2