Overview

overview

10

Static

static

3

a5054d353e...18.exe

windows7-x64

10

a5054d353e...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a5054d353e2bdfc910790e27404065bd_JaffaCakes118

  • Size

    400KB

  • Sample

    240818-cvasnatarq

  • MD5

    a5054d353e2bdfc910790e27404065bd

  • SHA1

    0364783c3344bfd81c78cecce666fe66d2600460

  • SHA256

    2cf194af744000b1255de2bf8079e9b7ff0ccec09a0b9fc4a4da721eaf547caa

  • SHA512

    ee1fc662744401c45137103c59f251cd66278ecfb663d96d1ffe851b803046d292c910a50301938ba554b3b7cddfa4c0349b1c700f757d0dab0b9048f37af1fd

  • SSDEEP

    12288:ZmQJljkD8V8rdft6lAT7Rq1oC8qfYfBPNShBEBiBXB6BqXBSBksKBKzM6ToP2bGS:/wD86BsIGYpD

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      a5054d353e2bdfc910790e27404065bd_JaffaCakes118

    • Size

      400KB

    • MD5

      a5054d353e2bdfc910790e27404065bd

    • SHA1

      0364783c3344bfd81c78cecce666fe66d2600460

    • SHA256

      2cf194af744000b1255de2bf8079e9b7ff0ccec09a0b9fc4a4da721eaf547caa

    • SHA512

      ee1fc662744401c45137103c59f251cd66278ecfb663d96d1ffe851b803046d292c910a50301938ba554b3b7cddfa4c0349b1c700f757d0dab0b9048f37af1fd

    • SSDEEP

      12288:ZmQJljkD8V8rdft6lAT7Rq1oC8qfYfBPNShBEBiBXB6BqXBSBksKBKzM6ToP2bGS:/wD86BsIGYpD

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks