Overview

overview

10

Static

static

3

e0f73df720...18.exe

windows7-x64

10

e0f73df720...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    e0f73df7202485ab6117742ba32b0c14_JaffaCakes118

  • Size

    432KB

  • Sample

    240914-y6scqsvana

  • MD5

    e0f73df7202485ab6117742ba32b0c14

  • SHA1

    6fb18185ee8740d1c673cd4d4cc275e172b4631f

  • SHA256

    b8ca69a603b8123f61b4d1b1cbe3577c8f8ffefc3ae5e3e40b443db1753626c1

  • SHA512

    8c507eed3c7db490260b7a2d69473bb47da2404a60e029072c50fa5565199f203d75d98e0a5a2643143e42b5709cdf7ea5c7ba2d49ccce66c11953b2715f7138

  • SSDEEP

    12288:FyiHDBNOMpAaBYUAXqM5Pyfs79r+XIauktB9BI:FycDBkraB7AX75quCB9BI

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      e0f73df7202485ab6117742ba32b0c14_JaffaCakes118

    • Size

      432KB

    • MD5

      e0f73df7202485ab6117742ba32b0c14

    • SHA1

      6fb18185ee8740d1c673cd4d4cc275e172b4631f

    • SHA256

      b8ca69a603b8123f61b4d1b1cbe3577c8f8ffefc3ae5e3e40b443db1753626c1

    • SHA512

      8c507eed3c7db490260b7a2d69473bb47da2404a60e029072c50fa5565199f203d75d98e0a5a2643143e42b5709cdf7ea5c7ba2d49ccce66c11953b2715f7138

    • SSDEEP

      12288:FyiHDBNOMpAaBYUAXqM5Pyfs79r+XIauktB9BI:FycDBkraB7AX75quCB9BI

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks