General
Target: 2fac75b1584ec94cf75ebabc923ecc49_JaffaCakes118
Size: 68KB
Sample: 241009-mrkhssvhna
MD5: 2fac75b1584ec94cf75ebabc923ecc49
SHA1: 21f08c0e919c5de9835bf3a5d4c50e845cc77ae6
SHA256: e8508d0e42adb988d67436c19f8cb5ce042e680c61c392faa37ac5de64fa6cb4
SHA512: 09fe1177eaddf96a565b5a53459508cc618b94aa81d8df72b1dc5e61f9b1b7a900d01a88f418431dbbd7f0bdb1451d90cdd676899b659ee45a1a44f726df316c
SSDEEP: 768:NcFliTdWipAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:KFIxvpAcqOK3qowgnt1d
Static task: static1
Behavioral task: behavioral1
  Sample: 2fac75b1584ec94cf75ebabc923ecc49_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2fac75b1584ec94cf75ebabc923ecc49_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2fac75b1584ec94cf75ebabc923ecc49_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)