Overview

overview

10

Static

static

3

ef27d7ba02...18.exe

windows7-x64

10

ef27d7ba02...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef27d7ba029def0a48a5739f9837b99b_JaffaCakes118

  • Size

    456KB

  • Sample

    240921-f9m83sxdjp

  • MD5

    ef27d7ba029def0a48a5739f9837b99b

  • SHA1

    c3f1d15a8f9da3e791698fd3244a462203b7ae88

  • SHA256

    43c2f6c9739901591d2e833df6a12fdcb5fccac9a55c9c7bda181d6df289dc54

  • SHA512

    c263141d38868f6fe0e027fbde3c7d7a3c16459dc1742b6d99d4c21269bb1789893c2ea3d2cd94511dd3b869fd04b915ff49087790f6d86b50875c2e1347fa6d

  • SSDEEP

    6144:UfjmYaMhVFhGwuM9Cx8vnqedT9NswR7QF6E0BpUQAukdzO2cXNok720:K/V/Gw4x4qedTwaQFR0/UQAHcXNok7p

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ef27d7ba029def0a48a5739f9837b99b_JaffaCakes118

    • Size

      456KB

    • MD5

      ef27d7ba029def0a48a5739f9837b99b

    • SHA1

      c3f1d15a8f9da3e791698fd3244a462203b7ae88

    • SHA256

      43c2f6c9739901591d2e833df6a12fdcb5fccac9a55c9c7bda181d6df289dc54

    • SHA512

      c263141d38868f6fe0e027fbde3c7d7a3c16459dc1742b6d99d4c21269bb1789893c2ea3d2cd94511dd3b869fd04b915ff49087790f6d86b50875c2e1347fa6d

    • SSDEEP

      6144:UfjmYaMhVFhGwuM9Cx8vnqedT9NswR7QF6E0BpUQAukdzO2cXNok720:K/V/Gw4x4qedTwaQFR0/UQAHcXNok7p

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks