Overview

overview

10

Static

static

3

ef4c9534f2...18.exe

windows7-x64

10

ef4c9534f2...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef4c9534f294ff38f611e26c1ab25f3a_JaffaCakes118

  • Size

    436KB

  • Sample

    240921-h13nhszhqf

  • MD5

    ef4c9534f294ff38f611e26c1ab25f3a

  • SHA1

    170bb76285fd50aa61e489c70a9dfd1ee96897e9

  • SHA256

    cfb337524259f8339267c6ac2b7f0fadecc5356dd0116b785ae53b4cf98b9a10

  • SHA512

    399e9648824bdfd488ba63692fba2372cde1526330128abba62b60c597f38d76a3d9849c79d65d4827e92570c3cc8230d970a805e706e629a96649cfe7580006

  • SSDEEP

    6144:onwIKHl/agdUlloJHyLC69xROOo77QJrZTKVjJW4dsBRXE2tGuY3p1WO:onilSgdKioT9loY/GV1W+iRU9uYZUO

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      ef4c9534f294ff38f611e26c1ab25f3a_JaffaCakes118

    • Size

      436KB

    • MD5

      ef4c9534f294ff38f611e26c1ab25f3a

    • SHA1

      170bb76285fd50aa61e489c70a9dfd1ee96897e9

    • SHA256

      cfb337524259f8339267c6ac2b7f0fadecc5356dd0116b785ae53b4cf98b9a10

    • SHA512

      399e9648824bdfd488ba63692fba2372cde1526330128abba62b60c597f38d76a3d9849c79d65d4827e92570c3cc8230d970a805e706e629a96649cfe7580006

    • SSDEEP

      6144:onwIKHl/agdUlloJHyLC69xROOo77QJrZTKVjJW4dsBRXE2tGuY3p1WO:onilSgdKioT9loY/GV1W+iRU9uYZUO

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks