6dafc44bca20aefb9e3903af264255e2451813ebbed79de53205a0bc2e0928c3 | Triage

Sharing

General

Target

e021b6428dfdb3d0bd3adcc58a414db3_JaffaCakes118
Size

165KB
Sample

240914-n4mpcsshrb
MD5

e021b6428dfdb3d0bd3adcc58a414db3
SHA1

01c33b1946e773de957f7b915e8a88be1a8d9b65
SHA256

6dafc44bca20aefb9e3903af264255e2451813ebbed79de53205a0bc2e0928c3
SHA512

365e3a8c61804d400cb979fb442b394e1feb6ce5c67de056a0482e25f7d2e164e80879fe3735b8ea321bb2374d98ccf299b719cb07894f59db83abd94ef20375
SSDEEP

3072:8+nZ7iDVn9/ugoC+zfgzSOP/GVgnJxvpWeYeQj2g0J+S+8gu/doQtz0:8+nZMnJu9PDgzwktpWevQKg0JN+8g6d0

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  e021b6428dfdb3d0bd3adcc58a414db3_JaffaCakes118
- Size
  
  165KB
- MD5
  
  e021b6428dfdb3d0bd3adcc58a414db3
- SHA1
  
  01c33b1946e773de957f7b915e8a88be1a8d9b65
- SHA256
  
  6dafc44bca20aefb9e3903af264255e2451813ebbed79de53205a0bc2e0928c3
- SHA512
  
  365e3a8c61804d400cb979fb442b394e1feb6ce5c67de056a0482e25f7d2e164e80879fe3735b8ea321bb2374d98ccf299b719cb07894f59db83abd94ef20375
- SSDEEP
  
  3072:8+nZ7iDVn9/ugoC+zfgzSOP/GVgnJxvpWeYeQj2g0J+S+8gu/doQtz0:8+nZMnJu9PDgzwktpWevQKg0JN+8g6d0
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion