Overview

overview

10

Static

static

3

de10ef1e41...18.exe

windows7-x64

10

de10ef1e41...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    de10ef1e41ae89d2f650913e02756fc8_JaffaCakes118

  • Size

    392KB

  • Sample

    240913-kg2cfsvalc

  • MD5

    de10ef1e41ae89d2f650913e02756fc8

  • SHA1

    b5390d80a51a51494d9321d3cd6dc64b99cf7ee1

  • SHA256

    25cabbb8c6930db8ac881bb9600766d76e4be9807b5b97ee30ec229e10fdd1c7

  • SHA512

    8ad7b8d22760de52c0826b3e2c6c7fbf0f18a30798009c9deca64c8470ba3edb9b2de5e295d7e568c82e75a86a6277290034659ce1fb430c9b49aeeedcbaa18d

  • SSDEEP

    6144:SUM1wG0fljKQIZhzc7HVHtf5vuyh+ajZCsuAMXMzFHCD/yr07oAH4KsDVM38:jM/ApUvsfRh+ajZCBAMXoUK0VHGV88

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      de10ef1e41ae89d2f650913e02756fc8_JaffaCakes118

    • Size

      392KB

    • MD5

      de10ef1e41ae89d2f650913e02756fc8

    • SHA1

      b5390d80a51a51494d9321d3cd6dc64b99cf7ee1

    • SHA256

      25cabbb8c6930db8ac881bb9600766d76e4be9807b5b97ee30ec229e10fdd1c7

    • SHA512

      8ad7b8d22760de52c0826b3e2c6c7fbf0f18a30798009c9deca64c8470ba3edb9b2de5e295d7e568c82e75a86a6277290034659ce1fb430c9b49aeeedcbaa18d

    • SSDEEP

      6144:SUM1wG0fljKQIZhzc7HVHtf5vuyh+ajZCsuAMXMzFHCD/yr07oAH4KsDVM38:jM/ApUvsfRh+ajZCBAMXoUK0VHGV88

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks