General

  • Target

    27d6bf910f9a6980696e3943f83a551e_JaffaCakes118

  • Size

    149KB

  • Sample

    241009-aycqbatgrl

  • MD5

    27d6bf910f9a6980696e3943f83a551e

  • SHA1

    8d8a05df193bf3365adf56fd4b482ecca5e91cf4

  • SHA256

    e2424984be97181ce7508e904ce66655c59d0c0bd27e546c09773666bf743218

  • SHA512

    e0ddec1f41001f334f6ebdd4a76df297010cc6ae087d9cdb04b32b3056103cd2e776e6229995ac9f96f9cc43de9e3006d5791fb719411eebf0d0391b9ed252c7

  • SSDEEP

    3072:PGU98pLUCP3KDOu7VsHtWyhE2KawoZifsQverxLgnB18ZLJKC:Pb98pgt7VsHtWyacesue9Lg2L8C

Score
10/10

Targets

    • Target

      27d6bf910f9a6980696e3943f83a551e_JaffaCakes118

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
