Overview

overview

10

Static

static

3

dfa42d3de4...18.exe

windows7-x64

10

dfa42d3de4...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    dfa42d3de46d4e50ec99b9de37339532_JaffaCakes118

  • Size

    392KB

  • Sample

    240914-g2y62s1arc

  • MD5

    dfa42d3de46d4e50ec99b9de37339532

  • SHA1

    5416e1bf10189cf7a24c8d2ed5c9f6205d0f3ad2

  • SHA256

    bce720ff842d3b64941e7869900e190e93060349a4bd08ed70fbce6fc6252778

  • SHA512

    7b7b47ce842046d0793037ff0ad3969b0492b69ea601b5c1b94ca054c4e572369727b470f2c41c0f1667671b2d50155dc4de1fc5532aec1ddbe014157ffda5cf

  • SSDEEP

    6144:p06X2mGp9VUwTZtX02giP9YoRRQGb8gJCPankzjzVjyTVyS9m1D4sBNP5X:qjmwTZSihRQwJCi4zVWThBkNPd

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      dfa42d3de46d4e50ec99b9de37339532_JaffaCakes118

    • Size

      392KB

    • MD5

      dfa42d3de46d4e50ec99b9de37339532

    • SHA1

      5416e1bf10189cf7a24c8d2ed5c9f6205d0f3ad2

    • SHA256

      bce720ff842d3b64941e7869900e190e93060349a4bd08ed70fbce6fc6252778

    • SHA512

      7b7b47ce842046d0793037ff0ad3969b0492b69ea601b5c1b94ca054c4e572369727b470f2c41c0f1667671b2d50155dc4de1fc5532aec1ddbe014157ffda5cf

    • SSDEEP

      6144:p06X2mGp9VUwTZtX02giP9YoRRQGb8gJCPankzjzVjyTVyS9m1D4sBNP5X:qjmwTZSihRQwJCi4zVWThBkNPd

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks