Overview

overview

10

Static

static

3

fb400d46db...18.exe

windows7-x64

10

fb400d46db...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    fb400d46dbf5066081256de9e60c922d_JaffaCakes118

  • Size

    456KB

  • Sample

    240928-bxad8sscne

  • MD5

    fb400d46dbf5066081256de9e60c922d

  • SHA1

    a15df47292ed2b03d84dc5b8680e13ce63903fda

  • SHA256

    3310e2d8167913e365b5837f19162a84de0903c78b1a62cc255115b5c5eea31a

  • SHA512

    00645d4a348eba24fd7092f3ab70c431f44f8a484dd0959a5fda20bcbdac708d77d6b6f31f8c56c2dc6ae4f837caea7a767c1d9c9024280818aa3a493625e097

  • SSDEEP

    6144:zjmYP2QFA0CV31akrJc/9uwyuWRreo5tYP/CESBF/QRPtoTyNEpW1iJ4DC:z94VrCVFyuarqCESPoRFolWoG

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      fb400d46dbf5066081256de9e60c922d_JaffaCakes118

    • Size

      456KB

    • MD5

      fb400d46dbf5066081256de9e60c922d

    • SHA1

      a15df47292ed2b03d84dc5b8680e13ce63903fda

    • SHA256

      3310e2d8167913e365b5837f19162a84de0903c78b1a62cc255115b5c5eea31a

    • SHA512

      00645d4a348eba24fd7092f3ab70c431f44f8a484dd0959a5fda20bcbdac708d77d6b6f31f8c56c2dc6ae4f837caea7a767c1d9c9024280818aa3a493625e097

    • SSDEEP

      6144:zjmYP2QFA0CV31akrJc/9uwyuWRreo5tYP/CESBF/QRPtoTyNEpW1iJ4DC:z94VrCVFyuarqCESPoRFolWoG

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks