Overview

overview

10

Static

static

3

bac2139ebe...18.exe

windows7-x64

10

bac2139ebe...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bac2139ebe6c16ffc04a4101bf6eff1f_JaffaCakes118

  • Size

    395KB

  • Sample

    240823-htyqzstalp

  • MD5

    bac2139ebe6c16ffc04a4101bf6eff1f

  • SHA1

    7f64dda76e75c9b49754a374a6084b77b4da9114

  • SHA256

    d7f4680ddcaa20e74adf58c59f1e67f433d54a2f23bffe2160a3cee4e33749f5

  • SHA512

    b6e069e12fd749a9522440ca0174aef42bd4e86aa6e3ac47c5e7fa5efb61fc7ec48fcc866d1b9845900ae741523d3901fdb71c0aaab902672eeafdf24fc7c567

  • SSDEEP

    6144:RRRJG8KMBU+xo2e+5bYwCOMeruVipEMS1BWKak/wGY4mswgIxhX8784glfv3:R7U+xa8bAe6V1RUKakIGEz8Tsfv

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      bac2139ebe6c16ffc04a4101bf6eff1f_JaffaCakes118

    • Size

      395KB

    • MD5

      bac2139ebe6c16ffc04a4101bf6eff1f

    • SHA1

      7f64dda76e75c9b49754a374a6084b77b4da9114

    • SHA256

      d7f4680ddcaa20e74adf58c59f1e67f433d54a2f23bffe2160a3cee4e33749f5

    • SHA512

      b6e069e12fd749a9522440ca0174aef42bd4e86aa6e3ac47c5e7fa5efb61fc7ec48fcc866d1b9845900ae741523d3901fdb71c0aaab902672eeafdf24fc7c567

    • SSDEEP

      6144:RRRJG8KMBU+xo2e+5bYwCOMeruVipEMS1BWKak/wGY4mswgIxhX8784glfv3:R7U+xa8bAe6V1RUKakIGEz8Tsfv

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks