Overview

overview

10

Static

static

3

8c66ebba2d...18.exe

windows7-x64

10

8c66ebba2d...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8c66ebba2da145146c0cbf6070694bde_JaffaCakes118

  • Size

    384KB

  • Sample

    240811-3ejczatgln

  • MD5

    8c66ebba2da145146c0cbf6070694bde

  • SHA1

    24ed51a6c837b66fe0329a3c5e02eec9a5590687

  • SHA256

    bed6905ce8779a95bd5b8d26d2a07d1b9befbf64ec768f3a112957477c0e05af

  • SHA512

    67013979980249fe36de93d457302507af09f301dbdb53aa94c2221b0b2e5ea07b45979fc55ead9d8f4094aae9f1e5b26c7bce59069d574cae508897ac4e1bf7

  • SSDEEP

    6144:FSt0Rv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OhT:HR5GdCs0O1BkBqwtjFc0fTjZOT59ozIT

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      8c66ebba2da145146c0cbf6070694bde_JaffaCakes118

    • Size

      384KB

    • MD5

      8c66ebba2da145146c0cbf6070694bde

    • SHA1

      24ed51a6c837b66fe0329a3c5e02eec9a5590687

    • SHA256

      bed6905ce8779a95bd5b8d26d2a07d1b9befbf64ec768f3a112957477c0e05af

    • SHA512

      67013979980249fe36de93d457302507af09f301dbdb53aa94c2221b0b2e5ea07b45979fc55ead9d8f4094aae9f1e5b26c7bce59069d574cae508897ac4e1bf7

    • SSDEEP

      6144:FSt0Rv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OhT:HR5GdCs0O1BkBqwtjFc0fTjZOT59ozIT

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks