Overview

overview

10

Static

static

3

b27f7a5ba0...18.exe

windows7-x64

10

b27f7a5ba0...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    b27f7a5ba05c5c3bc4ea2c4c11c87673_JaffaCakes118

  • Size

    416KB

  • Sample

    240821-hqbgaavdpd

  • MD5

    b27f7a5ba05c5c3bc4ea2c4c11c87673

  • SHA1

    f8c3ae0e4dec43dfb7a7c8c7c3254b3ce569b783

  • SHA256

    4e259ba1aeba9a2a4d6732641479f72d8541bf78f43a37948379a1b04556b308

  • SHA512

    06d588bfde59cc8fe9f3e1c69864a2bbd4369938268672a79957f90d6ee6de4b1c3e155098b6d22254f0a5b2f581917ffcd35f1dc030f19acf41bd95430bc7bf

  • SSDEEP

    6144:E8BL6r/791pngZ3hZd/5gyplltDjqEqL4B+1Tc3oB2madzzNakwHFG+2:E8B27Tx+T/jqEqI73oBIzN4H

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      b27f7a5ba05c5c3bc4ea2c4c11c87673_JaffaCakes118

    • Size

      416KB

    • MD5

      b27f7a5ba05c5c3bc4ea2c4c11c87673

    • SHA1

      f8c3ae0e4dec43dfb7a7c8c7c3254b3ce569b783

    • SHA256

      4e259ba1aeba9a2a4d6732641479f72d8541bf78f43a37948379a1b04556b308

    • SHA512

      06d588bfde59cc8fe9f3e1c69864a2bbd4369938268672a79957f90d6ee6de4b1c3e155098b6d22254f0a5b2f581917ffcd35f1dc030f19acf41bd95430bc7bf

    • SSDEEP

      6144:E8BL6r/791pngZ3hZd/5gyplltDjqEqL4B+1Tc3oB2madzzNakwHFG+2:E8B27Tx+T/jqEqI73oBIzN4H

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks