General
-
Target
571f0a68064c139bd4188e5e1c023357_JaffaCakes118
-
Size
244KB
-
Sample
241018-nbdwratdre
-
MD5
571f0a68064c139bd4188e5e1c023357
-
SHA1
0ad762e75e050318205c90f24b60ac6cd6785630
-
SHA256
b92316e1232d4e35c58da64593a49edbf8d05db310a4982688884f9ef2779f1f
-
SHA512
a856c550c3a299f60ef95071597c2c28ea1b6e5e40400422293cca94eec547d4ccfcb853f248230e854e14edd524b5e917983e97fafba5cd8b8b99c32a1f4a7a
-
SSDEEP
6144:5ViQ+u5HAPkbZePJDmlI/+dfkIOwgccXYJcmI3cvHQOFZayUa/nM2:5ViQ+u5HAPk9EUoYJcmym0
Static task
static1
Behavioral task
behavioral1
Sample
571f0a68064c139bd4188e5e1c023357_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
571f0a68064c139bd4188e5e1c023357_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
571f0a68064c139bd4188e5e1c023357_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2