General
-
Target
418c0180ed7a1a7295178d90a85b9e95_JaffaCakes118
-
Size
156KB
-
Sample
241013-xpqbdasgka
-
MD5
418c0180ed7a1a7295178d90a85b9e95
-
SHA1
6f275bd73d1c4922aade803aea9f1dc2b18747c6
-
SHA256
7b6cbb9ad77894d26bb4273be5d2be239c432f1a79da8cf974f803b462f3a6ed
-
SHA512
dbaf19fd7f6b5ef9030b1bd3c052f762f3ff5727d58d650f2ab876a57f5c2f8dee715e51f299953a62f62ca1c29e0b2594d528b93e4231b7e850356e2b15c971
-
SSDEEP
1536:ZNrFvOLgGGRsNLCNMSG5+SUdqeHAQWXZaNwRRczNoU1LbLkOVtFVh:3r1OkxaZLBRWhlL9t
Static task
static1
Behavioral task
behavioral1
Sample
418c0180ed7a1a7295178d90a85b9e95_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
418c0180ed7a1a7295178d90a85b9e95_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
418c0180ed7a1a7295178d90a85b9e95_JaffaCakes118
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2