General
-
Target
3725351d97303cbecce7a2c0081a60b5_JaffaCakes118
-
Size
196KB
-
Sample
241011-2hqe1ssdlj
-
MD5
3725351d97303cbecce7a2c0081a60b5
-
SHA1
a18ff31e74ccb956ad2b12dcd6ce132d4698d860
-
SHA256
e7472b189576177d10a7c4d9014e37e8ef8ff3c3f8716915d5a8d97a9341fda2
-
SHA512
774616d39c154157d022d18b442c3091db3923ac0d2b6600e1438894a490477958ad69b49bd51a3591daa2884f0441cc3c6459441950acd58cd415660452ba27
-
SSDEEP
3072:Vcue992iI+BgY3H65so83gx2KnssfG+b1:viXH6Tx2KI8
Malware Config
Targets
-
-
Target
3725351d97303cbecce7a2c0081a60b5_JaffaCakes118
-
Size
196KB
-
MD5
3725351d97303cbecce7a2c0081a60b5
-
SHA1
a18ff31e74ccb956ad2b12dcd6ce132d4698d860
-
SHA256
e7472b189576177d10a7c4d9014e37e8ef8ff3c3f8716915d5a8d97a9341fda2
-
SHA512
774616d39c154157d022d18b442c3091db3923ac0d2b6600e1438894a490477958ad69b49bd51a3591daa2884f0441cc3c6459441950acd58cd415660452ba27
-
SSDEEP
3072:Vcue992iI+BgY3H65so83gx2KnssfG+b1:viXH6Tx2KI8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2