Overview

overview

10

Static

static

3

ef2b0cc037...18.exe

windows7-x64

10

ef2b0cc037...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef2b0cc037686916ec8c42f0f7544c5d_JaffaCakes118

  • Size

    416KB

  • Sample

    240921-ge83qsxdpf

  • MD5

    ef2b0cc037686916ec8c42f0f7544c5d

  • SHA1

    ea96fa553a4e4c4644a098a70b5fd9942a6f40ba

  • SHA256

    531e1dd2f284a22ba6f7dedb476dae562530d2eaf9d872eca732bbce473a53cc

  • SHA512

    467c271ddc4a66093d1b2621e8956aa746df1fca39695bb1c80770c0d5cd0fae7fa815713037bd244d157b21f93a91c0ff525a909166c530989b716bc94f68d5

  • SSDEEP

    6144:kvBGuFMx815N3YCn6dP3HrD5lYvvLaLR7dIr5VyJNyU47WfVdi5tA8KCPmZD+sj:kvBO8NHneXyOLR7dIr3Q747Q/aUx

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ef2b0cc037686916ec8c42f0f7544c5d_JaffaCakes118

    • Size

      416KB

    • MD5

      ef2b0cc037686916ec8c42f0f7544c5d

    • SHA1

      ea96fa553a4e4c4644a098a70b5fd9942a6f40ba

    • SHA256

      531e1dd2f284a22ba6f7dedb476dae562530d2eaf9d872eca732bbce473a53cc

    • SHA512

      467c271ddc4a66093d1b2621e8956aa746df1fca39695bb1c80770c0d5cd0fae7fa815713037bd244d157b21f93a91c0ff525a909166c530989b716bc94f68d5

    • SSDEEP

      6144:kvBGuFMx815N3YCn6dP3HrD5lYvvLaLR7dIr5VyJNyU47WfVdi5tA8KCPmZD+sj:kvBO8NHneXyOLR7dIr3Q747Q/aUx

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks