General
-
Target
2eecbf4dc8c76e00dcede5f0379128fb_JaffaCakes118
-
Size
248KB
-
Sample
241009-lrcmhszfrh
-
MD5
2eecbf4dc8c76e00dcede5f0379128fb
-
SHA1
10ba155f7ea9dc55d16ccafeddb1e2ae5ee2acc0
-
SHA256
d6e9d9de41f41e4b602b3749c209ff5d1ea85de1cf918c2158dcbfb0eba02e09
-
SHA512
5867e42290f0284aba3f98cd72fe7be71219dcce35e48815239740318cb624737f6e1d0f6ac076cb7ad8740edf51cef7e33728fcc622b7d237360d9648e29b63
-
SSDEEP
3072:om38bUQSxwjJhU8hPsOknb9JeJ7JwJHJ6JkBTriGXfXkGN3tqZ4xoRg4Sx+Tidc+:hUUBohhM9op2pYOF0yIdngF
Malware Config
Targets
-
-
Target
2eecbf4dc8c76e00dcede5f0379128fb_JaffaCakes118
-
Size
248KB
-
MD5
2eecbf4dc8c76e00dcede5f0379128fb
-
SHA1
10ba155f7ea9dc55d16ccafeddb1e2ae5ee2acc0
-
SHA256
d6e9d9de41f41e4b602b3749c209ff5d1ea85de1cf918c2158dcbfb0eba02e09
-
SHA512
5867e42290f0284aba3f98cd72fe7be71219dcce35e48815239740318cb624737f6e1d0f6ac076cb7ad8740edf51cef7e33728fcc622b7d237360d9648e29b63
-
SSDEEP
3072:om38bUQSxwjJhU8hPsOknb9JeJ7JwJHJ6JkBTriGXfXkGN3tqZ4xoRg4Sx+Tidc+:hUUBohhM9op2pYOF0yIdngF
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2