Overview

overview

10

Static

static

3

8d9bee16b0...18.exe

windows7-x64

10

8d9bee16b0...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8d9bee16b0efd6ca5a40b93f46b12418_JaffaCakes118

  • Size

    400KB

  • Sample

    240812-gvzt1ashjd

  • MD5

    8d9bee16b0efd6ca5a40b93f46b12418

  • SHA1

    ad9aaa8bf36a611669a6fe3bdb4cd71ba14d903c

  • SHA256

    c2e65723dddf40bcc93e36639dc3336284ae7d1f30c27505134f31e8e07e97e4

  • SHA512

    31a28eb122b22ea538ec1cf23a8142118bdd4b059b68e93b9fcf8e99d5f3df91b64473dc70463b4a677047fc5e57be85a59f377e94ceb2fa8d763a938d961dc3

  • SSDEEP

    6144:vs1vWAnI0pDq8hQEbSjWG8rr6SNiiTzDskCFzC3wq1oP8B5mVZLsgNT:vs1u81q8hQmSQOSYAM9FObpzmVh9NT

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      8d9bee16b0efd6ca5a40b93f46b12418_JaffaCakes118

    • Size

      400KB

    • MD5

      8d9bee16b0efd6ca5a40b93f46b12418

    • SHA1

      ad9aaa8bf36a611669a6fe3bdb4cd71ba14d903c

    • SHA256

      c2e65723dddf40bcc93e36639dc3336284ae7d1f30c27505134f31e8e07e97e4

    • SHA512

      31a28eb122b22ea538ec1cf23a8142118bdd4b059b68e93b9fcf8e99d5f3df91b64473dc70463b4a677047fc5e57be85a59f377e94ceb2fa8d763a938d961dc3

    • SSDEEP

      6144:vs1vWAnI0pDq8hQEbSjWG8rr6SNiiTzDskCFzC3wq1oP8B5mVZLsgNT:vs1u81q8hQmSQOSYAM9FObpzmVh9NT

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks