General
-
Target
9f0a6a385bf893d9cd0f3696addc9892_JaffaCakes118
-
Size
68KB
-
Sample
241126-bt1f9awras
-
MD5
9f0a6a385bf893d9cd0f3696addc9892
-
SHA1
2e8e9e3b2c1e460d6d77fb777a5de3a3ecc9010f
-
SHA256
e2710769fca90a2309ba7233741dca039efa1bc70ec1f75c41ed9347df246293
-
SHA512
1e66b766f4ac9ba2e924216a72c19ca7d86c239f83390491bdcbc5a756ff73a06a89d9b40200e03a0b00e242eed3c390aa262d94e2d52c6d6acec9c46c59f363
-
SSDEEP
768:UcYliTdiyAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:TYIx5AcqOK3qowgnt1d
Malware Config
Targets
-
-
Target
9f0a6a385bf893d9cd0f3696addc9892_JaffaCakes118
-
Size
68KB
-
MD5
9f0a6a385bf893d9cd0f3696addc9892
-
SHA1
2e8e9e3b2c1e460d6d77fb777a5de3a3ecc9010f
-
SHA256
e2710769fca90a2309ba7233741dca039efa1bc70ec1f75c41ed9347df246293
-
SHA512
1e66b766f4ac9ba2e924216a72c19ca7d86c239f83390491bdcbc5a756ff73a06a89d9b40200e03a0b00e242eed3c390aa262d94e2d52c6d6acec9c46c59f363
-
SSDEEP
768:UcYliTdiyAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:TYIx5AcqOK3qowgnt1d
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2