General
-
Target
52751d5b018221e10066e6dadd3074f6_JaffaCakes118
-
Size
68KB
-
Sample
241017-sha6nasclf
-
MD5
52751d5b018221e10066e6dadd3074f6
-
SHA1
7fb4f45cdf3d2135bc919833e241d221b94feed3
-
SHA256
aa816f1b48fdf06d21d20693eeaeec3642852d0c717ae469896ea4c12e4908d4
-
SHA512
1b02156a4afb9013251fb9635b813b170ac2663be43d8898b86ba95ef9fb35cea13a336b4a4af2ab9700056e4eb63f150db2e612342b58e392ab1cedd47affdf
-
SSDEEP
768:gcsliTdG2vAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:vsIxJAcqOK3qowgnt1d
Malware Config
Targets
-
-
Target
52751d5b018221e10066e6dadd3074f6_JaffaCakes118
-
Size
68KB
-
MD5
52751d5b018221e10066e6dadd3074f6
-
SHA1
7fb4f45cdf3d2135bc919833e241d221b94feed3
-
SHA256
aa816f1b48fdf06d21d20693eeaeec3642852d0c717ae469896ea4c12e4908d4
-
SHA512
1b02156a4afb9013251fb9635b813b170ac2663be43d8898b86ba95ef9fb35cea13a336b4a4af2ab9700056e4eb63f150db2e612342b58e392ab1cedd47affdf
-
SSDEEP
768:gcsliTdG2vAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:vsIxJAcqOK3qowgnt1d
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2