67672f834f933fed057ef630293221a5a46687c1d1656776cf378b8637062447 | Triage

Sharing

General

Target

ffe2d2dd736ffefc03ab601d330371c6_JaffaCakes118
Size

344KB
Sample

240421-wz2aysgg73
MD5

ffe2d2dd736ffefc03ab601d330371c6
SHA1

e255f41fe960ab48929fa65a32785f3e8c5a3abc
SHA256

67672f834f933fed057ef630293221a5a46687c1d1656776cf378b8637062447
SHA512

7b8b07e785ee2b6ce2e5db6ee825e220d6ce2ea480f83dc78d7d863f8e9fee3e3f16d5039f3fe09231a5e06babbd00ebd9b41dc2e63bcfb26ff9cbc6cd026a15
SSDEEP

6144:7rOYeg8hY2Uw/M9sKBsEhPSVqW6kti4zDDcyMHKi4OTxXVmev+knrY2OM5t:27g8hYLa/4SVN6EzPcyMHKBOTxlmev+F

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  ffe2d2dd736ffefc03ab601d330371c6_JaffaCakes118
- Size
  
  344KB
- MD5
  
  ffe2d2dd736ffefc03ab601d330371c6
- SHA1
  
  e255f41fe960ab48929fa65a32785f3e8c5a3abc
- SHA256
  
  67672f834f933fed057ef630293221a5a46687c1d1656776cf378b8637062447
- SHA512
  
  7b8b07e785ee2b6ce2e5db6ee825e220d6ce2ea480f83dc78d7d863f8e9fee3e3f16d5039f3fe09231a5e06babbd00ebd9b41dc2e63bcfb26ff9cbc6cd026a15
- SSDEEP
  
  6144:7rOYeg8hY2Uw/M9sKBsEhPSVqW6kti4zDDcyMHKi4OTxXVmev+knrY2OM5t:27g8hYLa/4SVN6EzPcyMHKBOTxlmev+F
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2