Overview

overview

10

Static

static

3

dad501f598...18.exe

windows7-x64

10

dad501f598...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    dad501f598051295758ce0d0ff9220aa_JaffaCakes118

  • Size

    452KB

  • Sample

    240911-vqdb4ashjd

  • MD5

    dad501f598051295758ce0d0ff9220aa

  • SHA1

    6211d57b3d206eb77d5d408b0d38cbfa2f50b5fa

  • SHA256

    4511d05a58faad513da54aaed4ba0a067bc9096b1839686f7d62e9efbc0a463b

  • SHA512

    12455f2efa0084e599fc6804c252c70e158d76140734a186897d6311f7d300a348f76300366e29d4b8abc4a0d3c3b0726286e862cb2cb06bdbaea532233a642b

  • SSDEEP

    6144:5MJAM1jn0wTo607OSZ4EdJbr8mUsBLSLX+jXVFMWYnptN/NwYJIqswGvISiP:5Onl64EdJ0mUsRSLXOFFMWYptZN5

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      dad501f598051295758ce0d0ff9220aa_JaffaCakes118

    • Size

      452KB

    • MD5

      dad501f598051295758ce0d0ff9220aa

    • SHA1

      6211d57b3d206eb77d5d408b0d38cbfa2f50b5fa

    • SHA256

      4511d05a58faad513da54aaed4ba0a067bc9096b1839686f7d62e9efbc0a463b

    • SHA512

      12455f2efa0084e599fc6804c252c70e158d76140734a186897d6311f7d300a348f76300366e29d4b8abc4a0d3c3b0726286e862cb2cb06bdbaea532233a642b

    • SSDEEP

      6144:5MJAM1jn0wTo607OSZ4EdJbr8mUsBLSLX+jXVFMWYnptN/NwYJIqswGvISiP:5Onl64EdJ0mUsRSLXOFFMWYptZN5

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks