General
Target: 9eec1105097b7d71487dc562ca21774d_JaffaCakes118
Size: 148KB
Sample: 241126-bbrfmasmbm
MD5: 9eec1105097b7d71487dc562ca21774d
SHA1: 2fa9f78b618c097e65ee4a387f3bfb41a3cf6993
SHA256: 46f23d38085b1ee1ca77e6576d696a82f9064b62120eb7e4ad874ca8d7d8421c
SHA512: d6db1f8d43f3a2f342f282148f49a95021ddbf716c63dec6aa2a8fe8adfee32c9c55e525568ae38f57446dc233b39dd7baa1149ca1636375e1a79d76fad90c7e
SSDEEP: 3072:C2D+WuMBspr8+k77/pswWR/x0+dv4TLxyK454oQZiE+A9U:NSWuMBsFvS04+dv4TVSWJm
Static task: static1
Behavioral task: behavioral1
  Sample: 9eec1105097b7d71487dc562ca21774d_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 9eec1105097b7d71487dc562ca21774d_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution 1
    Registry Run Keys / Startup Folder 1
Defense Evasion
  Hide Artifacts 1
    Hidden Files and Directories 1
  Modify Registry 2