Overview

overview

10

Static

static

3

c1baf02b99...18.exe

windows7-x64

10

c1baf02b99...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    c1baf02b99633eee0e15818548555de8_JaffaCakes118

  • Size

    157KB

  • Sample

    240825-2jd4da1blr

  • MD5

    c1baf02b99633eee0e15818548555de8

  • SHA1

    0e6f317e836a47d85c847b4c117b9c23e256bf7b

  • SHA256

    ff6e47b884cf1e0da6575838985477dcf362af9b902da1903cf9ad0ae6918aaf

  • SHA512

    c861f6aeabbb3633fba0e05654855cd145363009db471e00c89535f900acf819381ba0dd91dcc0c1babcf642bade152c8b2b3a4e73b43650a9875e3c57e2e68f

  • SSDEEP

    1536:lxJq7belUY9eVcmCNPBZReVyPOxzeX73fGDdgG9ExoKe+J/k0FnK6dpFH663IAma:lxJ4be9MbCNEVyPhXz49Xp+hrxx3IAma

Score
10/10
discoveryevasion

Malware Config

Targets

    • Target

      c1baf02b99633eee0e15818548555de8_JaffaCakes118

    • Size

      157KB

    • MD5

      c1baf02b99633eee0e15818548555de8

    • SHA1

      0e6f317e836a47d85c847b4c117b9c23e256bf7b

    • SHA256

      ff6e47b884cf1e0da6575838985477dcf362af9b902da1903cf9ad0ae6918aaf

    • SHA512

      c861f6aeabbb3633fba0e05654855cd145363009db471e00c89535f900acf819381ba0dd91dcc0c1babcf642bade152c8b2b3a4e73b43650a9875e3c57e2e68f

    • SSDEEP

      1536:lxJq7belUY9eVcmCNPBZReVyPOxzeX73fGDdgG9ExoKe+J/k0FnK6dpFH663IAma:lxJ4be9MbCNEVyPhXz49Xp+hrxx3IAma

    Score
    10/10
    discoveryevasion

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks