General
-
Target
9f0b859a757d8415d19fa53bda0d1c57_JaffaCakes118
-
Size
88KB
-
Sample
241126-bvhmtswrcs
-
MD5
9f0b859a757d8415d19fa53bda0d1c57
-
SHA1
fda8f94feb816f1f0016cbc31b33aa68777afab1
-
SHA256
c924729c07970363a1f04c4f1f55dd77e882fb81cef042cd26aabd676d00dff4
-
SHA512
86269122008b3725a9a3bf0d7256031c32a85320a900c0ed5cf76fe9cb256ed9701062aa96607d09a789078eb2f497d2f6048e4cd0224efdfb4a85e1c6e3762d
-
SSDEEP
1536:7FTkQFqSpy8tXG06YpqdXTsYJ/F+FBFIFGFYF7DUZxTZk/a:dcSs0G0mZJC
Malware Config
Targets
-
-
Target
9f0b859a757d8415d19fa53bda0d1c57_JaffaCakes118
-
Size
88KB
-
MD5
9f0b859a757d8415d19fa53bda0d1c57
-
SHA1
fda8f94feb816f1f0016cbc31b33aa68777afab1
-
SHA256
c924729c07970363a1f04c4f1f55dd77e882fb81cef042cd26aabd676d00dff4
-
SHA512
86269122008b3725a9a3bf0d7256031c32a85320a900c0ed5cf76fe9cb256ed9701062aa96607d09a789078eb2f497d2f6048e4cd0224efdfb4a85e1c6e3762d
-
SSDEEP
1536:7FTkQFqSpy8tXG06YpqdXTsYJ/F+FBFIFGFYF7DUZxTZk/a:dcSs0G0mZJC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2