63dc05e0306fd55284737c04490010600c517c8ec8e433703acfbaaf38fce65e | Triage

Sharing

General

Target

abd83408a5cf16a2c9411eac5906a17a_JaffaCakes118
Size

160KB
Sample

240819-vljnbawbqd
MD5

abd83408a5cf16a2c9411eac5906a17a
SHA1

98eb02e84d317dec29e01c2e39c3e55ecc705603
SHA256

63dc05e0306fd55284737c04490010600c517c8ec8e433703acfbaaf38fce65e
SHA512

67846716dc5e55d17b1734d85c8823ec98e3e59d9cca2a82d917fa4c008344b3cf17879dbbdb3d2fa0cc70da35d8bed43987866c1d7ae7e89ef7f9490600019d
SSDEEP

3072:NafJttKIr30Ql0rGXGuorAKDd48pBIxnynQ50fu7oKME7mJdLM:NGJj3j0Q+2dGD7IxF50lE7mJdo

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  abd83408a5cf16a2c9411eac5906a17a_JaffaCakes118
- Size
  
  160KB
- MD5
  
  abd83408a5cf16a2c9411eac5906a17a
- SHA1
  
  98eb02e84d317dec29e01c2e39c3e55ecc705603
- SHA256
  
  63dc05e0306fd55284737c04490010600c517c8ec8e433703acfbaaf38fce65e
- SHA512
  
  67846716dc5e55d17b1734d85c8823ec98e3e59d9cca2a82d917fa4c008344b3cf17879dbbdb3d2fa0cc70da35d8bed43987866c1d7ae7e89ef7f9490600019d
- SSDEEP
  
  3072:NafJttKIr30Ql0rGXGuorAKDd48pBIxnynQ50fu7oKME7mJdLM:NGJj3j0Q+2dGD7IxF50lE7mJdo
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion