Overview

overview

10

Static

static

3

fa73eeb250...18.exe

windows7-x64

10

fa73eeb250...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa73eeb2504a9d9e7e66f1b14513971e_JaffaCakes118

  • Size

    396KB

  • Sample

    240927-qadkpstdpj

  • MD5

    fa73eeb2504a9d9e7e66f1b14513971e

  • SHA1

    93086e88dca29dfc675e9853ed21782c62dc2f4e

  • SHA256

    90e8a5f1f556dbf9e828414fb53e149571cc277818a2eaf4fd93b2c228063809

  • SHA512

    2dc5337dc88b2eca5fae53ca28469f91a09a63cb7320da7b50bc54893663904a92d000b5ea1f8e01e0993669bd9fa2627f29181b66d47a3e5cc5e4770f3e8fdd

  • SSDEEP

    6144:/QMirGyGQBBVOJnptAHDKKo/VaShM4D4JzVPHd6DSNNTXWGCD8:WrBxsptlK8D2JPHcGHXWV

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      fa73eeb2504a9d9e7e66f1b14513971e_JaffaCakes118

    • Size

      396KB

    • MD5

      fa73eeb2504a9d9e7e66f1b14513971e

    • SHA1

      93086e88dca29dfc675e9853ed21782c62dc2f4e

    • SHA256

      90e8a5f1f556dbf9e828414fb53e149571cc277818a2eaf4fd93b2c228063809

    • SHA512

      2dc5337dc88b2eca5fae53ca28469f91a09a63cb7320da7b50bc54893663904a92d000b5ea1f8e01e0993669bd9fa2627f29181b66d47a3e5cc5e4770f3e8fdd

    • SSDEEP

      6144:/QMirGyGQBBVOJnptAHDKKo/VaShM4D4JzVPHd6DSNNTXWGCD8:WrBxsptlK8D2JPHcGHXWV

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks