Overview

overview

10

Static

static

3

JaffaCakes...85.exe

windows7-x64

10

JaffaCakes...85.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6ff82c4483581a18fa02a8ac57715085

  • Size

    172KB

  • Sample

    250107-vz39waspbq

  • MD5

    6ff82c4483581a18fa02a8ac57715085

  • SHA1

    7fc2c71857303a1482e481a709641071b420211b

  • SHA256

    756dc4f19885a172d732c357b69d085f8639ad3a12dcc9744777d021cad55bd0

  • SHA512

    7357e94c14bdcdd6c17bf9ea4c53af10679bee0ffb95d16f36a8318d3388ee70ec78208d1186a4648babea4acb0bee0f58f178db912e4334725075e237f26c5b

  • SSDEEP

    3072:rrn2sdgVurf7Nlou998baRYX22CancRu7AlSfDEPCNIj2BMwhq3Q1+Lk5L/+eHkE:nn2sd0ufXX3I+HzPwP3Jz

Score
10/10
njratdiscoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Targets

    • Target

      JaffaCakes118_6ff82c4483581a18fa02a8ac57715085

    • Size

      172KB

    • MD5

      6ff82c4483581a18fa02a8ac57715085

    • SHA1

      7fc2c71857303a1482e481a709641071b420211b

    • SHA256

      756dc4f19885a172d732c357b69d085f8639ad3a12dcc9744777d021cad55bd0

    • SHA512

      7357e94c14bdcdd6c17bf9ea4c53af10679bee0ffb95d16f36a8318d3388ee70ec78208d1186a4648babea4acb0bee0f58f178db912e4334725075e237f26c5b

    • SSDEEP

      3072:rrn2sdgVurf7Nlou998baRYX22CancRu7AlSfDEPCNIj2BMwhq3Q1+Lk5L/+eHkE:nn2sd0ufXX3I+HzPwP3Jz

    Score
    10/10
    njratdiscoveryevasionpersistenceprivilege_escalationtrojan

    • Njrat family

      njrat

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks