Overview

overview

10

Static

static

3

8df399d5c3...18.exe

windows7-x64

10

8df399d5c3...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8df399d5c38113c13f8493df68bb9a68_JaffaCakes118

  • Size

    448KB

  • Sample

    240812-jxjxnssckp

  • MD5

    8df399d5c38113c13f8493df68bb9a68

  • SHA1

    0b7dc6d0149ad4b1c8429de7ee61d453398b8245

  • SHA256

    efde2736b7e6b3e78122118059f941bec479e4118a569264be42c437e6c7f32d

  • SHA512

    6e7a885bec0e79dc48c1f9ba31a940006bb33b55924d72dd485c6e898dad99dba50b74d6064048367ce8a6220b23aac0dce844c9ef51031582ee3ba0da837d75

  • SSDEEP

    6144:DiKezTFRf9Az4xirYFHT4NkTY1ktS0IThxFxkuI/5yzEcp9VRCmjOSOm4ElHu2Tq:Da94eFHTPkZLPrlRwSOUBF

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      8df399d5c38113c13f8493df68bb9a68_JaffaCakes118

    • Size

      448KB

    • MD5

      8df399d5c38113c13f8493df68bb9a68

    • SHA1

      0b7dc6d0149ad4b1c8429de7ee61d453398b8245

    • SHA256

      efde2736b7e6b3e78122118059f941bec479e4118a569264be42c437e6c7f32d

    • SHA512

      6e7a885bec0e79dc48c1f9ba31a940006bb33b55924d72dd485c6e898dad99dba50b74d6064048367ce8a6220b23aac0dce844c9ef51031582ee3ba0da837d75

    • SSDEEP

      6144:DiKezTFRf9Az4xirYFHT4NkTY1ktS0IThxFxkuI/5yzEcp9VRCmjOSOm4ElHu2Tq:Da94eFHTPkZLPrlRwSOUBF

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks