General
-
Target
45d63e52af17046626591f038378c47a_JaffaCakes118
-
Size
116KB
-
Sample
241015-e3g8tayfjp
-
MD5
45d63e52af17046626591f038378c47a
-
SHA1
3bf27ccc2a69f2084ff479093d459045b01592cc
-
SHA256
c1a9b807d442f749cec1b9257c6e598e2cdac0c5237189e3452ddfd84a75eb7b
-
SHA512
ba1da6e4ecbd4459c375406a43d8dcb3ad1f9b956a31b255f9dd5b4429e5ba4d76b2c5ad78c7b6236f40271862abd1f6104a408be6d241b79d382ea1ccc36d35
-
SSDEEP
1536:1GXuJIDBeZjhtFgGjtXDTto2D9uCLBCPr8/NL44PerViI8kIi/p0:weJyeZj/FgoTq2lr20
Static task
static1
Behavioral task
behavioral1
Sample
45d63e52af17046626591f038378c47a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
45d63e52af17046626591f038378c47a_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
45d63e52af17046626591f038378c47a_JaffaCakes118
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2