General

  • Target

    27f581b362b0b242b697d08707d3d02d_JaffaCakes118

  • Size

    176KB

  • Sample

    240706-ksnwhashnn

  • MD5

    27f581b362b0b242b697d08707d3d02d

  • SHA1

    2d826bd07e7348df4d93f7bb5c98e864e9967e7c

  • SHA256

    d0d843642f939f48f88cd0d1f1acf1fcfcf39d046d7e17dbe89069862ac878c4

  • SHA512

    207c2b1519de7b0bae31eb6c79f6e70962e999a6d1bcff1a55ce8c4ecdfadbcc84be143edc0d1376d5933605622e87181046b72628a9da0ae5e95a82c047cab3

  • SSDEEP

    1536:QuPszB4zsq/szszsS/szszsYzszszsszszszs8zszszsgzszszsozszszsGzszs4:Q4VgVFjD9Ap8PdSxFIyL7

Score
8/10

Targets

    • Target

      27f581b362b0b242b697d08707d3d02d_JaffaCakes118

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
