General
-
Target
6fe284c5efe5f5c415641eff9f92287b_JaffaCakes118
-
Size
104KB
-
Sample
241023-t2v6lssbml
-
MD5
6fe284c5efe5f5c415641eff9f92287b
-
SHA1
aaae1a278b19277f7c7fd2dd0c3dccc3dc30b2e3
-
SHA256
6b5c8119706e5824d1d0d2c6a6694e56750f1066c84bdf37a1e949815c36fae9
-
SHA512
795b088c90097c6988940dc70a3f720efc6893ca431caae48f7477d34a2368aedea726a23fa24e8f6366beaa4aac3f95a40997c5c0a20067473a190bdb2eedb0
-
SSDEEP
1536:KErnyDPU0gLr9Twk4KTOGHcKhgnPZcHHTuipl/oUY3Fw:DTyDPU0gLrHpOYenPZcn3lgUY
Malware Config
Targets
-
-
Target
6fe284c5efe5f5c415641eff9f92287b_JaffaCakes118
-
Size
104KB
-
MD5
6fe284c5efe5f5c415641eff9f92287b
-
SHA1
aaae1a278b19277f7c7fd2dd0c3dccc3dc30b2e3
-
SHA256
6b5c8119706e5824d1d0d2c6a6694e56750f1066c84bdf37a1e949815c36fae9
-
SHA512
795b088c90097c6988940dc70a3f720efc6893ca431caae48f7477d34a2368aedea726a23fa24e8f6366beaa4aac3f95a40997c5c0a20067473a190bdb2eedb0
-
SSDEEP
1536:KErnyDPU0gLr9Twk4KTOGHcKhgnPZcHHTuipl/oUY3Fw:DTyDPU0gLrHpOYenPZcn3lgUY
Score10/10-
Disables service(s)
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
2Windows Service
2Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
2Windows Service
2