Overview

overview

10

Static

static

3

a2154c10cc...18.exe

windows7-x64

10

a2154c10cc...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2154c10cc7b19cc82b07d76af32fa2c_JaffaCakes118

  • Size

    340KB

  • Sample

    240817-lwfvqszare

  • MD5

    a2154c10cc7b19cc82b07d76af32fa2c

  • SHA1

    c56b62a96a8f5c2e2d44dcf8a4378c7f8bbd9dd6

  • SHA256

    369e1a4d4c6a8ad19a70ba786ff4230608c71fdebd96860de91ae8845e9a0b80

  • SHA512

    b0341a809b7c893d5276b4ee59a09614e771e1b25d36f14c59bd55b45619e5e6e60fc4dffe7e49a6b2d87e2842faef3075d68ff35479b7a1da38e21abee040f7

  • SSDEEP

    6144:ptOdKF7Yta2UM5IxXF/tIKAL7iFE7sNBo+aa9R3HJxvkSuM4PydZAx+q:C1tUM5aV/oLOVfhaa9ZpVSx+q

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      a2154c10cc7b19cc82b07d76af32fa2c_JaffaCakes118

    • Size

      340KB

    • MD5

      a2154c10cc7b19cc82b07d76af32fa2c

    • SHA1

      c56b62a96a8f5c2e2d44dcf8a4378c7f8bbd9dd6

    • SHA256

      369e1a4d4c6a8ad19a70ba786ff4230608c71fdebd96860de91ae8845e9a0b80

    • SHA512

      b0341a809b7c893d5276b4ee59a09614e771e1b25d36f14c59bd55b45619e5e6e60fc4dffe7e49a6b2d87e2842faef3075d68ff35479b7a1da38e21abee040f7

    • SSDEEP

      6144:ptOdKF7Yta2UM5IxXF/tIKAL7iFE7sNBo+aa9R3HJxvkSuM4PydZAx+q:C1tUM5aV/oLOVfhaa9ZpVSx+q

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks