Overview

overview

10

Static

static

3

37ae43f483...18.exe

windows7-x64

10

37ae43f483...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    37ae43f4836382b6db1b18f4dc5124f8_JaffaCakes118

  • Size

    391KB

  • Sample

    240711-eym89syeqj

  • MD5

    37ae43f4836382b6db1b18f4dc5124f8

  • SHA1

    66f1713156916f1bc4dbf37aa6aa1ff6f24d4087

  • SHA256

    9b319dfe280ccbea9530bfef944535c2810c75ae37ec64d8dc7410b1d89b2515

  • SHA512

    8427f05771685e948768b545391143e8310fb7fe19f06db697a838a28cdfcc1653689c6c71195f8f66af369059500a20a59c47abbc70959f4ff91f090f7feba0

  • SSDEEP

    12288:VVXHp6Q14ayTdSp+QrXsN0B5j4NI22AkXGg:VVXZ7yhaRXs2Qq4Xg

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      37ae43f4836382b6db1b18f4dc5124f8_JaffaCakes118

    • Size

      391KB

    • MD5

      37ae43f4836382b6db1b18f4dc5124f8

    • SHA1

      66f1713156916f1bc4dbf37aa6aa1ff6f24d4087

    • SHA256

      9b319dfe280ccbea9530bfef944535c2810c75ae37ec64d8dc7410b1d89b2515

    • SHA512

      8427f05771685e948768b545391143e8310fb7fe19f06db697a838a28cdfcc1653689c6c71195f8f66af369059500a20a59c47abbc70959f4ff91f090f7feba0

    • SSDEEP

      12288:VVXHp6Q14ayTdSp+QrXsN0B5j4NI22AkXGg:VVXZ7yhaRXs2Qq4Xg

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks