General
-
Target
b4f5a85a40fb6dab663e151ca9012bf2_JaffaCakes118
-
Size
180KB
-
Sample
241130-f12p4sypcp
-
MD5
b4f5a85a40fb6dab663e151ca9012bf2
-
SHA1
64c1c8df930df3a040f9f0c86177a305e3be87bc
-
SHA256
c20d0b568658e3647e0164f08097634e5d7c31fd0811a3fb320b49b8b43985a5
-
SHA512
f42cb6da44d7530878579b979d762f0ed36b435c6ff02f6524c5e47dd7e9cb9b0f28b9222750c066a370a7f30bcc31daf6e41f2cd228f1c0c371469ea5507bf9
-
SSDEEP
1536:xoXaldcxKc8NMgeGU4AeGL0TxpKwmf8y0IpWur+2RPFYSUxBphF2x7s:qqfcSg4dgxkcrhRVUHF2ts
Static task
static1
Behavioral task
behavioral1
Sample
b4f5a85a40fb6dab663e151ca9012bf2_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b4f5a85a40fb6dab663e151ca9012bf2_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
b4f5a85a40fb6dab663e151ca9012bf2_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)