General
-
Target
2fd97cfe10bed3e89851d326552bec86_JaffaCakes118
-
Size
164KB
-
Sample
241009-mzj71ascqp
-
MD5
2fd97cfe10bed3e89851d326552bec86
-
SHA1
d3916eaef9c269442de7027a55590e34f29ff7b7
-
SHA256
d0f306629fe0fcab38075b3cb73a3b753b56ea1b66b64229ee395608e6b4eb9f
-
SHA512
7975ccaa9cd5a04d090e112161995d616ccf3e79cf945213457c76c976a106dedc9079c95340b2c19f4fbab6d4d33fc5e702213eec7b6abd520ed1622f415940
-
SSDEEP
3072:jmkMCSLsNgqK3xDAaEskq8+L4VEDoZD4mfrmZs20fkG:/SLsNgT3xDAaER+L4VfZkmfrIs2
Static task
static1
Behavioral task
behavioral1
Sample
2fd97cfe10bed3e89851d326552bec86_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2fd97cfe10bed3e89851d326552bec86_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
2fd97cfe10bed3e89851d326552bec86_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)