Overview

overview

10

Static

static

3

ec8a3f000c...18.exe

windows7-x64

10

ec8a3f000c...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ec8a3f000c51638b3e80791098b46e29_JaffaCakes118

  • Size

    376KB

  • Sample

    240920-bg7pss1epn

  • MD5

    ec8a3f000c51638b3e80791098b46e29

  • SHA1

    baf1f0fa57285871a11ab4e998f0d162cc04d0fc

  • SHA256

    4604748edc2e13aea8658820168972c0854feebacaa2d3b4e67342f17aebf48d

  • SHA512

    a5aff8cb1976603add440faef7f1e7c06065f21342f11677166c9b43ce0a9c7c09c02148e94185cb79d70502d3a3c908136449ccaf7e63354876050a357fc35c

  • SSDEEP

    6144:fwqSyM5LElOB2l0X110L7lMweciNVTXv/5L1y+LetOyfXJXgp/yF++9xXu2RO:fVSB5glpl0FAxecAVT3yyetz5XyyplO

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ec8a3f000c51638b3e80791098b46e29_JaffaCakes118

    • Size

      376KB

    • MD5

      ec8a3f000c51638b3e80791098b46e29

    • SHA1

      baf1f0fa57285871a11ab4e998f0d162cc04d0fc

    • SHA256

      4604748edc2e13aea8658820168972c0854feebacaa2d3b4e67342f17aebf48d

    • SHA512

      a5aff8cb1976603add440faef7f1e7c06065f21342f11677166c9b43ce0a9c7c09c02148e94185cb79d70502d3a3c908136449ccaf7e63354876050a357fc35c

    • SSDEEP

      6144:fwqSyM5LElOB2l0X110L7lMweciNVTXv/5L1y+LetOyfXJXgp/yF++9xXu2RO:fVSB5glpl0FAxecAVT3yyetz5XyyplO

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks