Overview

overview

10

Static

static

3

c130e95e02...18.exe

windows7-x64

10

c130e95e02...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    c130e95e0276805affd0f8b0d9de7afc_JaffaCakes118

  • Size

    373KB

  • Sample

    240825-vmk8jawgll

  • MD5

    c130e95e0276805affd0f8b0d9de7afc

  • SHA1

    e5e3d037f9d082ea6bec35aaf48fe8ffe92f4c3f

  • SHA256

    1ff81c58ff3e3b5969708777bd3700539f8fc404e17ccd6624d00b86c9b50cbe

  • SHA512

    cf7d3ddb73b44057dddb558fe57d798607e2ee95a14afceb4c107e6a2a49b7036ebfd0eee340012ef54c6bfdc7e62a715652de8cebf723b00793c52971fbc02a

  • SSDEEP

    6144:0k3I9sVn4dYSp8dKJfhleVfDZoO32VgIxZh5Lyu9bcTe754aulZGWiqA9:0dswtJJleVLUuILh5rt754BaPqQ

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      c130e95e0276805affd0f8b0d9de7afc_JaffaCakes118

    • Size

      373KB

    • MD5

      c130e95e0276805affd0f8b0d9de7afc

    • SHA1

      e5e3d037f9d082ea6bec35aaf48fe8ffe92f4c3f

    • SHA256

      1ff81c58ff3e3b5969708777bd3700539f8fc404e17ccd6624d00b86c9b50cbe

    • SHA512

      cf7d3ddb73b44057dddb558fe57d798607e2ee95a14afceb4c107e6a2a49b7036ebfd0eee340012ef54c6bfdc7e62a715652de8cebf723b00793c52971fbc02a

    • SSDEEP

      6144:0k3I9sVn4dYSp8dKJfhleVfDZoO32VgIxZh5Lyu9bcTe754aulZGWiqA9:0dswtJJleVLUuILh5rt754BaPqQ

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks