General
-
Target
3a39f6f766d2d365dd71d9b518a694ba_JaffaCakes118
-
Size
104KB
-
Sample
241012-qk7arsxaln
-
MD5
3a39f6f766d2d365dd71d9b518a694ba
-
SHA1
a453da6e2a88c5167abcc6f8a395ba26ced5b862
-
SHA256
f8d01923ff13126709a592fdca435f5a2da560523ddfc9da4f3ab7bd442372de
-
SHA512
77050e164ac18877031f7b51081666197041e8c13bba57a9c8218ed8f4ca0aaaa7e197260976db1da780e4d6b31f53a49f37a6999df85cc74ccd323557b22aab
-
SSDEEP
1536:wxCbAJ8xxp+pofZ71TDdxqh5c2+JTlD/5QOuqXRRRyRAR/RwRzyYWkMktgF4GPgU:2+5+pMI7cv776qL0oDF
Static task
static1
Behavioral task
behavioral1
Sample
3a39f6f766d2d365dd71d9b518a694ba_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3a39f6f766d2d365dd71d9b518a694ba_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
3a39f6f766d2d365dd71d9b518a694ba_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)