Overview

overview

10

Static

static

3

ecdadc80f2...18.exe

windows7-x64

10

ecdadc80f2...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ecdadc80f216291b9c229dfbc3b93b6b_JaffaCakes118

  • Size

    452KB

  • Sample

    240920-e9nn6syfme

  • MD5

    ecdadc80f216291b9c229dfbc3b93b6b

  • SHA1

    fa2ed92a854942021365e2b847c36318888579e7

  • SHA256

    410a9cca69de8b95629e648c6ae1cb6959871be66da8a1f12ced82c9a875e3d4

  • SHA512

    2eadad2e2ca7f478dd9f74c79b39d4e165fa16193fef5bc0563f0e95e90cf3a9c7cefddb771e36f490ac22241151cd8f6017178ac1d0cb05c155823fdba15f6e

  • SSDEEP

    6144:MMJAdFG6BkBQuyO2Yc8Sck4mtAuYuvtE7fHJoL3gUfg7Fx4PwIx6LCJEj:MJG2AQ7OtoN41/eG7fH+1fYFx4J6f

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ecdadc80f216291b9c229dfbc3b93b6b_JaffaCakes118

    • Size

      452KB

    • MD5

      ecdadc80f216291b9c229dfbc3b93b6b

    • SHA1

      fa2ed92a854942021365e2b847c36318888579e7

    • SHA256

      410a9cca69de8b95629e648c6ae1cb6959871be66da8a1f12ced82c9a875e3d4

    • SHA512

      2eadad2e2ca7f478dd9f74c79b39d4e165fa16193fef5bc0563f0e95e90cf3a9c7cefddb771e36f490ac22241151cd8f6017178ac1d0cb05c155823fdba15f6e

    • SSDEEP

      6144:MMJAdFG6BkBQuyO2Yc8Sck4mtAuYuvtE7fHJoL3gUfg7Fx4PwIx6LCJEj:MJG2AQ7OtoN41/eG7fH+1fYFx4J6f

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks