Overview

overview

10

Static

static

3

da48f4032c...18.exe

windows7-x64

10

da48f4032c...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da48f4032c4e4e3ac083d81395a964d1_JaffaCakes118

  • Size

    360KB

  • Sample

    240911-nzbfjaycnp

  • MD5

    da48f4032c4e4e3ac083d81395a964d1

  • SHA1

    4b8dbb3ba2940f66069fb097392745dae5864576

  • SHA256

    4709015e94377a49f882a55d0cf6a64c792e65a6d990138a9a98d531d479a966

  • SHA512

    beb1620af904102b24db5f77e20ebcc850d97442c342a538cae19810899fba8b870929ac08d580d0741933dda3c68f61b8baa2a69d0aa9112a1adf310026fb32

  • SSDEEP

    6144:+OTVSa4XosbU6U+IuZZA8YixxIjzStjXWLeeeaABQ/ShgAO09Ec:vSnrbaSZ1TezSNGuyKhg/U

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      da48f4032c4e4e3ac083d81395a964d1_JaffaCakes118

    • Size

      360KB

    • MD5

      da48f4032c4e4e3ac083d81395a964d1

    • SHA1

      4b8dbb3ba2940f66069fb097392745dae5864576

    • SHA256

      4709015e94377a49f882a55d0cf6a64c792e65a6d990138a9a98d531d479a966

    • SHA512

      beb1620af904102b24db5f77e20ebcc850d97442c342a538cae19810899fba8b870929ac08d580d0741933dda3c68f61b8baa2a69d0aa9112a1adf310026fb32

    • SSDEEP

      6144:+OTVSa4XosbU6U+IuZZA8YixxIjzStjXWLeeeaABQ/ShgAO09Ec:vSnrbaSZ1TezSNGuyKhg/U

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks