General
-
Target
40793825bd61c16c34ba91d6f4e6d07f_JaffaCakes118
-
Size
248KB
-
Sample
241013-r8nc8ssbpc
-
MD5
40793825bd61c16c34ba91d6f4e6d07f
-
SHA1
c02ec7345b34c333d7aedec860f906996a202613
-
SHA256
d7aec0470d862721574589773d7a1844c9db463615a7aedab29669abd2778bb7
-
SHA512
e72d4e17e16c9d2ae099c5043cb42da7f9b52a9d88ec79d4c48482be5ebd35024f9539f16eb5c1eaffd6a26f9b5e080f36bd35fc423e819c7fe05c32ee31b9f3
-
SSDEEP
3072:42YldGj/tm1VNDL0L/RSRDIy5lb5zGJJJ:4rdGMscUy5H
Malware Config
Targets
-
-
Target
40793825bd61c16c34ba91d6f4e6d07f_JaffaCakes118
-
Size
248KB
-
MD5
40793825bd61c16c34ba91d6f4e6d07f
-
SHA1
c02ec7345b34c333d7aedec860f906996a202613
-
SHA256
d7aec0470d862721574589773d7a1844c9db463615a7aedab29669abd2778bb7
-
SHA512
e72d4e17e16c9d2ae099c5043cb42da7f9b52a9d88ec79d4c48482be5ebd35024f9539f16eb5c1eaffd6a26f9b5e080f36bd35fc423e819c7fe05c32ee31b9f3
-
SSDEEP
3072:42YldGj/tm1VNDL0L/RSRDIy5lb5zGJJJ:4rdGMscUy5H
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2