General
Target: 9ef523d405b7d429ccd88265ec1f73c2_JaffaCakes118
Size: 232KB
Sample: 241126-be3ytssngm
MD5: 9ef523d405b7d429ccd88265ec1f73c2
SHA1: 1136a8d4c254912f8914a7a939fdfeb9582bc348
SHA256: c67025210c266ee22d87dd48271bedf92d7cb96f2391a156151d20e90c60fed1
SHA512: 58014bc24cb486c54fd4e58d53caf6ab5907cd1c54346ecb92433b717fc665f4cc7a89235fff566c1b5f84612da00847ca02b0f84878cf9f32f02e077d0f4eb7
SSDEEP: 6144:C1r3thgZzOjFHia5QUXuB+n1HR1D2uycCUbyWn:C1r3wzOjFHtycCUbyWn
Static task: static1
Behavioral task: behavioral1
  Sample: 9ef523d405b7d429ccd88265ec1f73c2_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 9ef523d405b7d429ccd88265ec1f73c2_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 9ef523d405b7d429ccd88265ec1f73c2_JaffaCakes118
Score: 10/10
- Modifies visibility of hidden/system files in Explorer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)