Overview

overview

10

Static

static

3

831a7fb59e...18.exe

windows7-x64

10

831a7fb59e...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    831a7fb59e7ea55298375cab2e781ff9_JaffaCakes118

  • Size

    436KB

  • Sample

    240802-fhnersxalp

  • MD5

    831a7fb59e7ea55298375cab2e781ff9

  • SHA1

    86964c74198a3db48804254cca6d159f4a6c02bc

  • SHA256

    7efc0dac693cffbdd3e299a84a5c7c36c096aa2a6cc7eed8beeb306d64081d64

  • SHA512

    52a97eb8af4e5f1a68eae0a94ba5119c3a6aa5e398f4b928692000e99818ebe256cbed7a8da20e56a6f35d58778725549b54857b59e9c4080c1c6107654e1fb7

  • SSDEEP

    6144:3b7r+3bgUYzRL6E61TNO+i07poKgRFpQWWV3X7d39xPM/tJ6dupWR9aVobypkqU:3DHUYdu1POEmK8+3LdNhMlCLOVI6k

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      831a7fb59e7ea55298375cab2e781ff9_JaffaCakes118

    • Size

      436KB

    • MD5

      831a7fb59e7ea55298375cab2e781ff9

    • SHA1

      86964c74198a3db48804254cca6d159f4a6c02bc

    • SHA256

      7efc0dac693cffbdd3e299a84a5c7c36c096aa2a6cc7eed8beeb306d64081d64

    • SHA512

      52a97eb8af4e5f1a68eae0a94ba5119c3a6aa5e398f4b928692000e99818ebe256cbed7a8da20e56a6f35d58778725549b54857b59e9c4080c1c6107654e1fb7

    • SSDEEP

      6144:3b7r+3bgUYzRL6E61TNO+i07poKgRFpQWWV3X7d39xPM/tJ6dupWR9aVobypkqU:3DHUYdu1POEmK8+3LdNhMlCLOVI6k

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks