General
Target: 3884c3e4471e4aada5acd185e2409d96_JaffaCakes118
Size: 132KB
Sample: 241012-fn9vysyhnr
MD5: 3884c3e4471e4aada5acd185e2409d96
SHA1: 0551598861b63a55cf33c0074b9c326d5f9eb073
SHA256: ac6caefbc81aa327d022b57b28b962cfcd52cea30e411b105e56d083edcbcc72
SHA512: 74845840d18eaa063a88e4033d779cf9077402a892295e7db9abc87142873766ff32f1f96aca6d0a9188009c349778bdb0b8d68b2113a80c3d39797495d282f6
SSDEEP: 3072:cDCbZSukOY8hrJFVNM/N/5sfqDfwqyne+:6ork6hrJ3NON/5sGSe+
Static task: static1
Behavioral task: behavioral1
  Sample: 3884c3e4471e4aada5acd185e2409d96_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 3884c3e4471e4aada5acd185e2409d96_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 3884c3e4471e4aada5acd185e2409d96_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)