General
-
Target
8273278a5303d68dc7875b5ca583aef2_JaffaCakes118
-
Size
248KB
-
Sample
241031-kbamjssqhx
-
MD5
8273278a5303d68dc7875b5ca583aef2
-
SHA1
5bc966f3e8611a1634efae127ba0d7d75c55fef4
-
SHA256
72262859e6a01ad7bef4529fef96a02d8ab361171bc9e46764793afca701152f
-
SHA512
ee7c9bb14593b84aa9e4c746b5d7379d8e6d7914cd4da38172ad12e0049cea52e6fac9ce67cd5c533c35b294922f3b8bcc14c8ca60eaa6d99cdbe76eea7008c1
-
SSDEEP
6144:nAFVQ1+yyUf9dgAVRKlqBiErIsKnPmb7/jWal+FfAje+5/RxoOsutOSD/uP39RWy:nAYzyUf9DRKlqgErIsKnPmb7/jWa1e+4
Malware Config
Targets
-
-
Target
8273278a5303d68dc7875b5ca583aef2_JaffaCakes118
-
Size
248KB
-
MD5
8273278a5303d68dc7875b5ca583aef2
-
SHA1
5bc966f3e8611a1634efae127ba0d7d75c55fef4
-
SHA256
72262859e6a01ad7bef4529fef96a02d8ab361171bc9e46764793afca701152f
-
SHA512
ee7c9bb14593b84aa9e4c746b5d7379d8e6d7914cd4da38172ad12e0049cea52e6fac9ce67cd5c533c35b294922f3b8bcc14c8ca60eaa6d99cdbe76eea7008c1
-
SSDEEP
6144:nAFVQ1+yyUf9dgAVRKlqBiErIsKnPmb7/jWal+FfAje+5/RxoOsutOSD/uP39RWy:nAYzyUf9DRKlqgErIsKnPmb7/jWa1e+4
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2