General

  • Target

    369b5dff03c39b93b16c8af2838a54af_JaffaCakes118

  • Size

    3.3MB

  • Sample

    241011-yyplwa1fqb

  • MD5

    369b5dff03c39b93b16c8af2838a54af

  • SHA1

    7b72829e2b2db4173b2ecfe87e376b9cf3734c98

  • SHA256

    9b3995e26d21f1eccace74b0ae1092b658f5943cdb8299f7cebc5dcd2856b60e

  • SHA512

    0ec26eb8647c1daa9ca3d579bfa90dffdfcd047cc74dd548db23e7bd93df26175adf3cc5d2aa3af5b18239c5d5275d770a4fcabb50b6e4714d05845322eb298f

  • SSDEEP

    49152:OjBSJ67TQdnthmXF7k4aiXnl5pKgRJuOc4Tx5kj7byg8Hcv++hIVKiYJMg:2BW67kizaiXjEgRkO/8ug8Hcv+AI4iQ

Malware Config

Targets

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15