General
-
Target
417d0f59010955df468f2bf005e497f0_JaffaCakes118
-
Size
156KB
-
Sample
241013-xfxzvswgpr
-
MD5
417d0f59010955df468f2bf005e497f0
-
SHA1
4091f91b8cd52ceb2455682fbe37bbe4a2fceb22
-
SHA256
77ab1615ddfe44340a0b9d41f90433623adc54a626e1494c97b215cc22289790
-
SHA512
60e1980e60aa12f967258a2d6d5d8c8392caf015d9d99a66ae4e9d77c5d03a492ef510842af207f96d15070b289ac799a4bc18945e01b6a678b3e8f898999669
-
SSDEEP
1536:4Han4ngzp0B8b7NuRe305Xrud5N9jRMmBUKH7zD87/u+JcBqVbv1BsbhbEle+RR/:pogeaBufubFKVXcBqB1BVXsjzS
Malware Config
Targets
-
-
Target
417d0f59010955df468f2bf005e497f0_JaffaCakes118
-
Size
156KB
-
MD5
417d0f59010955df468f2bf005e497f0
-
SHA1
4091f91b8cd52ceb2455682fbe37bbe4a2fceb22
-
SHA256
77ab1615ddfe44340a0b9d41f90433623adc54a626e1494c97b215cc22289790
-
SHA512
60e1980e60aa12f967258a2d6d5d8c8392caf015d9d99a66ae4e9d77c5d03a492ef510842af207f96d15070b289ac799a4bc18945e01b6a678b3e8f898999669
-
SSDEEP
1536:4Han4ngzp0B8b7NuRe305Xrud5N9jRMmBUKH7zD87/u+JcBqVbv1BsbhbEle+RR/:pogeaBufubFKVXcBqB1BVXsjzS
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2