Overview

overview

10

Static

static

3

ee14cb1f5b...18.exe

windows7-x64

10

ee14cb1f5b...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ee14cb1f5b8ec791c3e9786fdbf9c461_JaffaCakes118

  • Size

    400KB

  • Sample

    240920-vzpfqayakh

  • MD5

    ee14cb1f5b8ec791c3e9786fdbf9c461

  • SHA1

    12cbd20a52b18522208088de38d21385becd60db

  • SHA256

    50e6d4e547a4c0c27bd16c1f81428a93f654c645985e7143c0b4afeead97575d

  • SHA512

    8e0280863dce9d103cb37d31eb06a6ecc964de0b200640bbe9c1efc1017fde251c06b8ac5fbef414397242af221765f51f188c5643340e3726b0d9a3f8e65f61

  • SSDEEP

    6144:t0zNH+KJnPrjEAuEAN0Qu7/MeYmsuL/4zmZAbO+Sghlox5t9Z+6BT:SHVJjwEa0Q9eYmDQySiPgPy5nZ1

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ee14cb1f5b8ec791c3e9786fdbf9c461_JaffaCakes118

    • Size

      400KB

    • MD5

      ee14cb1f5b8ec791c3e9786fdbf9c461

    • SHA1

      12cbd20a52b18522208088de38d21385becd60db

    • SHA256

      50e6d4e547a4c0c27bd16c1f81428a93f654c645985e7143c0b4afeead97575d

    • SHA512

      8e0280863dce9d103cb37d31eb06a6ecc964de0b200640bbe9c1efc1017fde251c06b8ac5fbef414397242af221765f51f188c5643340e3726b0d9a3f8e65f61

    • SSDEEP

      6144:t0zNH+KJnPrjEAuEAN0Qu7/MeYmsuL/4zmZAbO+Sghlox5t9Z+6BT:SHVJjwEa0Q9eYmDQySiPgPy5nZ1

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks