General
-
Target
9f01b5ac5c94db1160168ae33867a094_JaffaCakes118
-
Size
68KB
-
Sample
241126-bnfjwstjaq
-
MD5
9f01b5ac5c94db1160168ae33867a094
-
SHA1
035c3d40319000204d7637090af1fb63deafe284
-
SHA256
0e422137a9eef1d36ef941c8020d1ef328b68803c3969a7bf58d879292e8007b
-
SHA512
9d20c38b05a7593c7ebb9df364616930250b1a7c025906b5b6c71c240c932c1f523566ee435be52cdac93f97828ef10a85cc6079e98aac9b731b72e7e31d48b3
-
SSDEEP
768:McgliTd20Al+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:rgIxfAcqOK3qowgnt1d
Malware Config
Targets
-
-
Target
9f01b5ac5c94db1160168ae33867a094_JaffaCakes118
-
Size
68KB
-
MD5
9f01b5ac5c94db1160168ae33867a094
-
SHA1
035c3d40319000204d7637090af1fb63deafe284
-
SHA256
0e422137a9eef1d36ef941c8020d1ef328b68803c3969a7bf58d879292e8007b
-
SHA512
9d20c38b05a7593c7ebb9df364616930250b1a7c025906b5b6c71c240c932c1f523566ee435be52cdac93f97828ef10a85cc6079e98aac9b731b72e7e31d48b3
-
SSDEEP
768:McgliTd20Al+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:rgIxfAcqOK3qowgnt1d
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2