Overview

overview

10

Static

static

3

eed6a42eb1...18.exe

windows7-x64

10

eed6a42eb1...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eed6a42eb18bdc99bdd5cc46a120b765_JaffaCakes118

  • Size

    456KB

  • Sample

    240921-b6ds1szaqb

  • MD5

    eed6a42eb18bdc99bdd5cc46a120b765

  • SHA1

    97625d6cb7ca4aaaa306bcd7ee0d2c6512124bae

  • SHA256

    e3bf532589f9e90e1d6ab9f3a4eccefbad088633bdda9e4e3bdd95ca5b93af27

  • SHA512

    92700131d4dd8311d7fdff93a11ab4da99f8b72031a34ba0742f31ea77dc97a11712c1e5d44c5264539d227d11efd589a3de6b43b120c96aaab12296e491d427

  • SSDEEP

    6144:djmYP2QFA0CV31akrJc/9uwyuWRreo5tYP/CESBF/QRPtoTyNEpW1iJ4xC:d94VrCVFyuarqCESPoRFolWoG

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      eed6a42eb18bdc99bdd5cc46a120b765_JaffaCakes118

    • Size

      456KB

    • MD5

      eed6a42eb18bdc99bdd5cc46a120b765

    • SHA1

      97625d6cb7ca4aaaa306bcd7ee0d2c6512124bae

    • SHA256

      e3bf532589f9e90e1d6ab9f3a4eccefbad088633bdda9e4e3bdd95ca5b93af27

    • SHA512

      92700131d4dd8311d7fdff93a11ab4da99f8b72031a34ba0742f31ea77dc97a11712c1e5d44c5264539d227d11efd589a3de6b43b120c96aaab12296e491d427

    • SSDEEP

      6144:djmYP2QFA0CV31akrJc/9uwyuWRreo5tYP/CESBF/QRPtoTyNEpW1iJ4xC:d94VrCVFyuarqCESPoRFolWoG

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks