Overview

overview

10

Static

static

3

ed926b8a96...18.exe

windows7-x64

10

ed926b8a96...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed926b8a966088c3c6d4b807c4a76d36_JaffaCakes118

  • Size

    452KB

  • Sample

    240920-phemaswbnh

  • MD5

    ed926b8a966088c3c6d4b807c4a76d36

  • SHA1

    0ce6aacb20028a1e9929e9cfb9bb71f853c31e8d

  • SHA256

    9305a9b525f4f3ff503c712badc93184b2b066bbb27e22428768ba577f88cb35

  • SHA512

    5dcdb5328dc59b9a026e0d506d521fa67a98783929876c8e7982e1da100a21fc0c900467d504c76376a8245defd1778213beb2187e08378327faa065b068f66c

  • SSDEEP

    6144:QMJAYcjrEpoUW5wxI1xw6RPRIUnRs1Tn2iQuS43PwdBKgYwZ3kWosfNfKd6t:Qds5W5cKxJOURsh2iQz43PGKgY8UWFD

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ed926b8a966088c3c6d4b807c4a76d36_JaffaCakes118

    • Size

      452KB

    • MD5

      ed926b8a966088c3c6d4b807c4a76d36

    • SHA1

      0ce6aacb20028a1e9929e9cfb9bb71f853c31e8d

    • SHA256

      9305a9b525f4f3ff503c712badc93184b2b066bbb27e22428768ba577f88cb35

    • SHA512

      5dcdb5328dc59b9a026e0d506d521fa67a98783929876c8e7982e1da100a21fc0c900467d504c76376a8245defd1778213beb2187e08378327faa065b068f66c

    • SSDEEP

      6144:QMJAYcjrEpoUW5wxI1xw6RPRIUnRs1Tn2iQuS43PwdBKgYwZ3kWosfNfKd6t:Qds5W5cKxJOURsh2iQz43PGKgY8UWFD

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks