22f6ee71605eb59c51fd46243a5be5ca141bcb66d8107d5747a90d68a8e96ad1 | Triage

Sharing

General

Target

ead201b88427df68babe788cd421739b_JaffaCakes118
Size

161KB
Sample

240919-hyrs8swfpd
MD5

ead201b88427df68babe788cd421739b
SHA1

4b608c11f4f13c62330b48146722563e3f34d5cf
SHA256

22f6ee71605eb59c51fd46243a5be5ca141bcb66d8107d5747a90d68a8e96ad1
SHA512

814091613f6b495b42234e975c398e3415f1a143ad4c8d3f1b0a5cc05b6fb841395229ad85fcc8ea534099689f8cb0f9b3d23e90a9969d709fd0a9f568e98fd4
SSDEEP

3072:UhSE/PISDsciJbrq16TTMEE9Ej67CcA4ceU6AQyvs/PMVdG:Uhb3txiJXPXg9EjSCcA4fqscjG

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ead201b88427df68babe788cd421739b_JaffaCakes118
- Size
  
  161KB
- MD5
  
  ead201b88427df68babe788cd421739b
- SHA1
  
  4b608c11f4f13c62330b48146722563e3f34d5cf
- SHA256
  
  22f6ee71605eb59c51fd46243a5be5ca141bcb66d8107d5747a90d68a8e96ad1
- SHA512
  
  814091613f6b495b42234e975c398e3415f1a143ad4c8d3f1b0a5cc05b6fb841395229ad85fcc8ea534099689f8cb0f9b3d23e90a9969d709fd0a9f568e98fd4
- SSDEEP
  
  3072:UhSE/PISDsciJbrq16TTMEE9Ej67CcA4ceU6AQyvs/PMVdG:Uhb3txiJXPXg9EjSCcA4fqscjG
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion