General
-
Target
JaffaCakes118_1e62da65c64a41aba0ec261206502e31
-
Size
68KB
-
Sample
250706-f8ce7asly6
-
MD5
1e62da65c64a41aba0ec261206502e31
-
SHA1
1f1c170efb9d5eddda8b168cce65013dfd96697c
-
SHA256
7776839d66dad6fef4dcab66dd1c1f90e4337394188171a069183ce551ee914c
-
SHA512
42678e5d396e32394d30dba4c8d58087639840b0fa6071d4a508bca5503a7c2619533e7ccb4c54709d9eaa7d518c372fb812697bb7c113cccd39341d79c6179a
-
SSDEEP
768:4c0liTdCIAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:n0IxbAcqOK3qowgnt1d
Malware Config
Targets
-
-
Target
JaffaCakes118_1e62da65c64a41aba0ec261206502e31
-
Size
68KB
-
MD5
1e62da65c64a41aba0ec261206502e31
-
SHA1
1f1c170efb9d5eddda8b168cce65013dfd96697c
-
SHA256
7776839d66dad6fef4dcab66dd1c1f90e4337394188171a069183ce551ee914c
-
SHA512
42678e5d396e32394d30dba4c8d58087639840b0fa6071d4a508bca5503a7c2619533e7ccb4c54709d9eaa7d518c372fb812697bb7c113cccd39341d79c6179a
-
SSDEEP
768:4c0liTdCIAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:n0IxbAcqOK3qowgnt1d
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v16
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2