Overview

overview

10

Static

static

3

ebb4d60f43...18.exe

windows7-x64

10

ebb4d60f43...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    ebb4d60f439ee2c8bd2338a7a0115768_JaffaCakes118

  • Size

    342KB

  • Sample

    240919-tn221axfma

  • MD5

    ebb4d60f439ee2c8bd2338a7a0115768

  • SHA1

    889667522eb12e7bfc43062d5fe13fdce1d2a0ae

  • SHA256

    e6be55b0e5a4c72c7db51dc583eb5534d3e7c5d3bb4bb243b1859e948dfe4bc5

  • SHA512

    bbf63c2fac157d5fe659d75d639f861e8e3ea8f9b3794c1e35cf14d1da72f2ce106b03a1e5c1a94ab3210bf7c8fa6484f7f0f399428e880d35cbe8596da83fcb

  • SSDEEP

    6144:Q0Yt1LcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/C:mFhgh2R8O+yFqpLh+a

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ebb4d60f439ee2c8bd2338a7a0115768_JaffaCakes118

    • Size

      342KB

    • MD5

      ebb4d60f439ee2c8bd2338a7a0115768

    • SHA1

      889667522eb12e7bfc43062d5fe13fdce1d2a0ae

    • SHA256

      e6be55b0e5a4c72c7db51dc583eb5534d3e7c5d3bb4bb243b1859e948dfe4bc5

    • SHA512

      bbf63c2fac157d5fe659d75d639f861e8e3ea8f9b3794c1e35cf14d1da72f2ce106b03a1e5c1a94ab3210bf7c8fa6484f7f0f399428e880d35cbe8596da83fcb

    • SSDEEP

      6144:Q0Yt1LcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/C:mFhgh2R8O+yFqpLh+a

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks