General
-
Target
5487a314bdcaa0e0c6aed97b3c07a54e_JaffaCakes118
-
Size
228KB
-
Sample
241018-a2bx7awcjh
-
MD5
5487a314bdcaa0e0c6aed97b3c07a54e
-
SHA1
4f01ee0a82b018d038ededa157e9e43b8aa52345
-
SHA256
63db1266c7103c375fbfe9fc56a05baf55fdcfbfecdc1c804c4de7705bd7cdf8
-
SHA512
63352f4fac8dda65b66fe2bc7e36a34406ba6cf23fe4f720cb7fa4ca0ff7a71a489f96d11ce916560298f2bcda154fd81f3a1755e9ce88ad341eb8c2bc344b63
-
SSDEEP
3072:ugwKx8i5UYJVFV5eDQHsuvNA05Vqtto24VmcZMUuXi46qndZAxIbYpNR:/xX3JrLeDQHr+uV0to24VmlUuSvqPc
Malware Config
Targets
-
-
Target
5487a314bdcaa0e0c6aed97b3c07a54e_JaffaCakes118
-
Size
228KB
-
MD5
5487a314bdcaa0e0c6aed97b3c07a54e
-
SHA1
4f01ee0a82b018d038ededa157e9e43b8aa52345
-
SHA256
63db1266c7103c375fbfe9fc56a05baf55fdcfbfecdc1c804c4de7705bd7cdf8
-
SHA512
63352f4fac8dda65b66fe2bc7e36a34406ba6cf23fe4f720cb7fa4ca0ff7a71a489f96d11ce916560298f2bcda154fd81f3a1755e9ce88ad341eb8c2bc344b63
-
SSDEEP
3072:ugwKx8i5UYJVFV5eDQHsuvNA05Vqtto24VmcZMUuXi46qndZAxIbYpNR:/xX3JrLeDQHr+uV0to24VmlUuSvqPc
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2