Overview

overview

10

Static

static

3

3841668355...18.exe

windows7-x64

10

3841668355...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3841668355b17c060b1d17820494a698_JaffaCakes118

  • Size

    412KB

  • Sample

    240711-jkga1syemf

  • MD5

    3841668355b17c060b1d17820494a698

  • SHA1

    bd9320ea25360f30022d876aca894d0a2fc1fe7e

  • SHA256

    254c0b2a064a61a4d27e18cb70dbd0f05f23cf19fabfa3d5589bd898359132e1

  • SHA512

    6581bb4264838dcf553429a15a31757797fcbcebab3d7885ed4ffcaeea15e8d510f7f73f843f9d1c9c37e7effc2d8b65a21c6240a9452d9fa1d5cbede238d973

  • SSDEEP

    12288:uRHvvqdAY5sG80Al4tRhGyYwS9jRwOSY7:uBa5smhJa9jRwOSY

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      3841668355b17c060b1d17820494a698_JaffaCakes118

    • Size

      412KB

    • MD5

      3841668355b17c060b1d17820494a698

    • SHA1

      bd9320ea25360f30022d876aca894d0a2fc1fe7e

    • SHA256

      254c0b2a064a61a4d27e18cb70dbd0f05f23cf19fabfa3d5589bd898359132e1

    • SHA512

      6581bb4264838dcf553429a15a31757797fcbcebab3d7885ed4ffcaeea15e8d510f7f73f843f9d1c9c37e7effc2d8b65a21c6240a9452d9fa1d5cbede238d973

    • SSDEEP

      12288:uRHvvqdAY5sG80Al4tRhGyYwS9jRwOSY7:uBa5smhJa9jRwOSY

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks