General

  • Target

    eaa8f420f3f1a1d55cc841a0cf16ab18_JaffaCakes118

  • Size

    269KB

  • Sample

    240919-f1qmvasfla

  • MD5

    eaa8f420f3f1a1d55cc841a0cf16ab18

  • SHA1

    29c492b0eae2b63c055d2e40e1a32c76204599ba

  • SHA256

    db5986d6aa6526513a319155a54142016f619316a2c82cc09fc82b26803c42bc

  • SHA512

    0544ceaa501c9030ea28b42e7b33f9b657f69e4d5039a644f6624aaee473ee9bca06d5197f3f5c9363c94b331c436c22607d96346506acf6cd3d3e47575fafc6

  • SSDEEP

    6144:+51bAZcR/6TkINwlCxwmzSEhj0gw7dRk2cGrI:+5CC14xtzSEhj0gh2cv

Score
10/10

Targets

    • Target

      eaa8f420f3f1a1d55cc841a0cf16ab18_JaffaCakes118

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
