Overview

overview

10

Static

static

3

f58fdc7661...18.exe

windows7-x64

10

f58fdc7661...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f58fdc7661fce832e1e2d4af27b8d02e_JaffaCakes118

  • Size

    370KB

  • Sample

    240925-jzxxbaxcqe

  • MD5

    f58fdc7661fce832e1e2d4af27b8d02e

  • SHA1

    a9d4527941f7b8a3624905d72328fb6bcf859873

  • SHA256

    36285f8cfbe2319124c96bc2ade9677f879c0c58d114505961a842679d8ecd05

  • SHA512

    5009adcd2b1a3805070482671b2786e83ce41ac40260ebe253b53daa910c5786d0daeaba0b6698eca1fbbd80ddedf1b2d2d08c60f32ad05cd269e44f6d85f41f

  • SSDEEP

    6144:tk9kmoMOXSyHyC3jRSaZjmi/KaeF/ae/X7FwHqYLAzB:Kam8XVHjNSaZy0KaA/auX0h4

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      f58fdc7661fce832e1e2d4af27b8d02e_JaffaCakes118

    • Size

      370KB

    • MD5

      f58fdc7661fce832e1e2d4af27b8d02e

    • SHA1

      a9d4527941f7b8a3624905d72328fb6bcf859873

    • SHA256

      36285f8cfbe2319124c96bc2ade9677f879c0c58d114505961a842679d8ecd05

    • SHA512

      5009adcd2b1a3805070482671b2786e83ce41ac40260ebe253b53daa910c5786d0daeaba0b6698eca1fbbd80ddedf1b2d2d08c60f32ad05cd269e44f6d85f41f

    • SSDEEP

      6144:tk9kmoMOXSyHyC3jRSaZjmi/KaeF/ae/X7FwHqYLAzB:Kam8XVHjNSaZy0KaA/auX0h4

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks