Overview

overview

10

Static

static

3

ece31eb02f...18.exe

windows7-x64

10

ece31eb02f...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ece31eb02fcd12d46ae022d695997f02_JaffaCakes118

  • Size

    152KB

  • Sample

    240920-fnd4aazcld

  • MD5

    ece31eb02fcd12d46ae022d695997f02

  • SHA1

    e50209226fac2ece6634b931ed51b2da1d8fbdd7

  • SHA256

    7736cf6a557634d581fbbcd8b6e92559a95eb05328ac966d4b21839c939606ae

  • SHA512

    74b1507ee2ef5f6249f80f035ffd97c78606b3a3a55a4bc80c02fc1deba413c1ae7a242744114a5bc26c994a7930f76329da50104d6ccee6ac8d2da9dbc223ed

  • SSDEEP

    3072:pGU98pLUCP3KDOHbN/WfpEJ3F5VtHJ52GBOU994eCpDcwa:pb98pgsbN+KNfPHDTcUH4eCcT

Score
10/10
discoveryevasion

Malware Config

Targets

    • Target

      ece31eb02fcd12d46ae022d695997f02_JaffaCakes118

    • Size

      152KB

    • MD5

      ece31eb02fcd12d46ae022d695997f02

    • SHA1

      e50209226fac2ece6634b931ed51b2da1d8fbdd7

    • SHA256

      7736cf6a557634d581fbbcd8b6e92559a95eb05328ac966d4b21839c939606ae

    • SHA512

      74b1507ee2ef5f6249f80f035ffd97c78606b3a3a55a4bc80c02fc1deba413c1ae7a242744114a5bc26c994a7930f76329da50104d6ccee6ac8d2da9dbc223ed

    • SSDEEP

      3072:pGU98pLUCP3KDOHbN/WfpEJ3F5VtHJ52GBOU994eCpDcwa:pb98pgsbN+KNfPHDTcUH4eCcT

    Score
    10/10
    discoveryevasion

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks