Overview

overview

10

Static

static

3

fd4e4a7ecd...18.exe

windows7-x64

10

fd4e4a7ecd...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    fd4e4a7ecd03e31edf0957a9d0e07803_JaffaCakes118

  • Size

    432KB

  • Sample

    240928-2vhwpssfkd

  • MD5

    fd4e4a7ecd03e31edf0957a9d0e07803

  • SHA1

    5bd9635e4a26ad547e8dab5ff02767d06fe1f377

  • SHA256

    7f0385ae1ec8436958bc3f5f9673bffbb3a123647109750c8d8c1ee248572e9e

  • SHA512

    d96c6aae912de4b5090fb843422e2d0310333e7a11186ebf5cc5512f199b1dd6fc30362eea95668b46aacb743d2c6f246e151e2f5c48b75b4533a944c34d4ef1

  • SSDEEP

    6144:wOQwxJPHOUjDJYqfz8HXNtiPHtFXFwOXbWFSL8tWEJ7RxlPn69Y:wMJfOChfKYH7XFRiFRtBn969

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      fd4e4a7ecd03e31edf0957a9d0e07803_JaffaCakes118

    • Size

      432KB

    • MD5

      fd4e4a7ecd03e31edf0957a9d0e07803

    • SHA1

      5bd9635e4a26ad547e8dab5ff02767d06fe1f377

    • SHA256

      7f0385ae1ec8436958bc3f5f9673bffbb3a123647109750c8d8c1ee248572e9e

    • SHA512

      d96c6aae912de4b5090fb843422e2d0310333e7a11186ebf5cc5512f199b1dd6fc30362eea95668b46aacb743d2c6f246e151e2f5c48b75b4533a944c34d4ef1

    • SSDEEP

      6144:wOQwxJPHOUjDJYqfz8HXNtiPHtFXFwOXbWFSL8tWEJ7RxlPn69Y:wMJfOChfKYH7XFRiFRtBn969

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks