Overview

overview

10

Static

static

3

6a4f5b7270...18.exe

windows7-x64

10

6a4f5b7270...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6a4f5b727019f3f5e6821a8d9b7de4ae_JaffaCakes118

  • Size

    436KB

  • Sample

    240724-fjdxqasckh

  • MD5

    6a4f5b727019f3f5e6821a8d9b7de4ae

  • SHA1

    b5f2f0491d2f2cce53372fb324c686681cec200f

  • SHA256

    464a7469e1bb9dad5c65e40d1de5dd1d20baaa0d3947616b401242e6f35adb04

  • SHA512

    09d18a5e02d4481080901d6e0465012ee2a468ae75f828e92285178e0018e555469199177f3503092cafb721bbe98b2f15ef1e1b05ac908c3ada9f0bc64831eb

  • SSDEEP

    6144:s6pOCB1jHHBUEBwJjN8k758mbdKJRNaooNpAa7d9XtbDoHMuC10C3WW:s6ZuEBwr73/Nm8XX+suM0

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      6a4f5b727019f3f5e6821a8d9b7de4ae_JaffaCakes118

    • Size

      436KB

    • MD5

      6a4f5b727019f3f5e6821a8d9b7de4ae

    • SHA1

      b5f2f0491d2f2cce53372fb324c686681cec200f

    • SHA256

      464a7469e1bb9dad5c65e40d1de5dd1d20baaa0d3947616b401242e6f35adb04

    • SHA512

      09d18a5e02d4481080901d6e0465012ee2a468ae75f828e92285178e0018e555469199177f3503092cafb721bbe98b2f15ef1e1b05ac908c3ada9f0bc64831eb

    • SSDEEP

      6144:s6pOCB1jHHBUEBwJjN8k758mbdKJRNaooNpAa7d9XtbDoHMuC10C3WW:s6ZuEBwr73/Nm8XX+suM0

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks