General
-
Target
452ce0aa662da97f48f40d0fa8e7f46f_JaffaCakes118
-
Size
216KB
-
Sample
241015-bzm34sxbqe
-
MD5
452ce0aa662da97f48f40d0fa8e7f46f
-
SHA1
89730625fd3df9d5a755893ebb9ab527422da7f2
-
SHA256
978ae37e58e6bdf86784a12cd5214a05da16c71973e55983eb2591b6ce72e8c7
-
SHA512
17af91982e6f2d6b37132ae95526c9952501f0f8a302cc1b4414b71a0805b3a9ec3700066e122dc78f3cd358d6edd0cefcc73449c73bcf12394f4275e0ccdd2e
-
SSDEEP
6144:8nRIp8N4LCdxCvhoyRhU9/YcHpynEsy+XrDvCLRFktgaCoquob4ID/Sp+pP1b:8nM8cCdxCvhoyRhU9/YcJynEsy+XrDv+
Malware Config
Targets
-
-
Target
452ce0aa662da97f48f40d0fa8e7f46f_JaffaCakes118
-
Size
216KB
-
MD5
452ce0aa662da97f48f40d0fa8e7f46f
-
SHA1
89730625fd3df9d5a755893ebb9ab527422da7f2
-
SHA256
978ae37e58e6bdf86784a12cd5214a05da16c71973e55983eb2591b6ce72e8c7
-
SHA512
17af91982e6f2d6b37132ae95526c9952501f0f8a302cc1b4414b71a0805b3a9ec3700066e122dc78f3cd358d6edd0cefcc73449c73bcf12394f4275e0ccdd2e
-
SSDEEP
6144:8nRIp8N4LCdxCvhoyRhU9/YcHpynEsy+XrDvCLRFktgaCoquob4ID/Sp+pP1b:8nM8cCdxCvhoyRhU9/YcJynEsy+XrDv+
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2