Overview

overview

10

Static

static

3

a493c20a67...18.exe

windows7-x64

10

a493c20a67...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    a493c20a672b05f4a73932d30c440175_JaffaCakes118

  • Size

    340KB

  • Sample

    240817-3g2mbstbqg

  • MD5

    a493c20a672b05f4a73932d30c440175

  • SHA1

    ca64b30d775a98a9b5636d754eafdb2b3ec8cd68

  • SHA256

    bb0b48b2c13dd5607327656cf8a4ef323e086c7eb9f098a40ea9220c7049c8a4

  • SHA512

    567e8349bfb7cc3b5dd179eca2beba85e8c98ac2c072b4821289e06d0ee2cc6cb2e7ed9c39d29a1afda3f9196e24ba6b40afb5e1437b250d82e04fc99f572880

  • SSDEEP

    6144:a+u3tCLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/Fd8:aYFhgh2R8O+yFqpLh+td8

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      a493c20a672b05f4a73932d30c440175_JaffaCakes118

    • Size

      340KB

    • MD5

      a493c20a672b05f4a73932d30c440175

    • SHA1

      ca64b30d775a98a9b5636d754eafdb2b3ec8cd68

    • SHA256

      bb0b48b2c13dd5607327656cf8a4ef323e086c7eb9f098a40ea9220c7049c8a4

    • SHA512

      567e8349bfb7cc3b5dd179eca2beba85e8c98ac2c072b4821289e06d0ee2cc6cb2e7ed9c39d29a1afda3f9196e24ba6b40afb5e1437b250d82e04fc99f572880

    • SSDEEP

      6144:a+u3tCLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/Fd8:aYFhgh2R8O+yFqpLh+td8

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks