General

  • Target

    01042286fec3f743bd3609fc486d6a8a_JaffaCakes118

  • Size

    10KB

  • Sample

    240930-nascrasaqk

  • MD5

    01042286fec3f743bd3609fc486d6a8a

  • SHA1

    7dace304baf7800fb2bde81efcfbfeca374fb836

  • SHA256

    e69413775b1c499b535717a2c6048cf74706900977d787528e74609f6058f7a8

  • SHA512

    5254d6bae90557acbc734f6107c533502658c3087b5070f4ef059376abbda18805bc82bc597a692cee9d0eb8d7ffd777299dafaf93346ee634a500ece7a4cf79

  • SSDEEP

    192:10MCWVkFVu4+wfkbe1zIDsCZ9ciuMsHctKw7q+t0PtRIfco+y:10GVkywj1zwsCZegs+P7zVfcoL

Targets

    • Renames multiple (2204) files with added filename extension

      This suggests ransomware activity: the sample appears to be encrypting files across the system.

    • Drops file in Drivers directory

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15