Overview

overview

10

Static

static

3

d264329c7c...18.exe

windows7-x64

10

d264329c7c...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    d264329c7cd32591ff4fe86274e227a3_JaffaCakes118

  • Size

    393KB

  • Sample

    240907-t968vatejk

  • MD5

    d264329c7cd32591ff4fe86274e227a3

  • SHA1

    ec5c637766c5fb6bfa7e203b7fd202f2307779d7

  • SHA256

    a636fcb37aaf9b7f63fa297fb27cbf30ee34cb8fec27128eee7116574cfa7aca

  • SHA512

    bf619179674d0ac768c9d8cad9a99db5c9d0206bdb25814f34d04f7cbc817630961391b90b80ff8fc91055d5686b6312acae8f3254ebf42a20bf88771619b53f

  • SSDEEP

    12288:t1n3KpJI6xj1dV9fJcEXW4OYIb5IiENCaTbAL:tJCb1dV9fJhXWGHNDbAL

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      d264329c7cd32591ff4fe86274e227a3_JaffaCakes118

    • Size

      393KB

    • MD5

      d264329c7cd32591ff4fe86274e227a3

    • SHA1

      ec5c637766c5fb6bfa7e203b7fd202f2307779d7

    • SHA256

      a636fcb37aaf9b7f63fa297fb27cbf30ee34cb8fec27128eee7116574cfa7aca

    • SHA512

      bf619179674d0ac768c9d8cad9a99db5c9d0206bdb25814f34d04f7cbc817630961391b90b80ff8fc91055d5686b6312acae8f3254ebf42a20bf88771619b53f

    • SSDEEP

      12288:t1n3KpJI6xj1dV9fJcEXW4OYIb5IiENCaTbAL:tJCb1dV9fJhXWGHNDbAL

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks