977990f04007cd758cbff40fb5aa66ca546ed1ed4f8602b640205b5162399b1b | Triage

Sharing

General

Target

0298c3946a9b87400fd7d4cf381d68f6_JaffaCakes118
Size

357KB
Sample

240620-eg5f8asall
MD5

0298c3946a9b87400fd7d4cf381d68f6
SHA1

a369820d21f8959044a73961979a274ce3314b36
SHA256

977990f04007cd758cbff40fb5aa66ca546ed1ed4f8602b640205b5162399b1b
SHA512

f80d1a30ca92dac7f1bc177374f6abfbf9d69c2490ad24ec140464782485f7ec438666cbd09e47aaebffe40bd1113bb9d97d2f862cecda3b2f6a222b1f1e37c2
SSDEEP

6144:E84mQm9nFK7Ax+LYBrtSRbIqz+WSrLGj+wvjG+qhloMHDjFN2LuPbNNi04w:MoMAxQ1bH8azq0SFN2SBw4

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  0298c3946a9b87400fd7d4cf381d68f6_JaffaCakes118
- Size
  
  357KB
- MD5
  
  0298c3946a9b87400fd7d4cf381d68f6
- SHA1
  
  a369820d21f8959044a73961979a274ce3314b36
- SHA256
  
  977990f04007cd758cbff40fb5aa66ca546ed1ed4f8602b640205b5162399b1b
- SHA512
  
  f80d1a30ca92dac7f1bc177374f6abfbf9d69c2490ad24ec140464782485f7ec438666cbd09e47aaebffe40bd1113bb9d97d2f862cecda3b2f6a222b1f1e37c2
- SSDEEP
  
  6144:E84mQm9nFK7Ax+LYBrtSRbIqz+WSrLGj+wvjG+qhloMHDjFN2LuPbNNi04w:MoMAxQ1bH8azq0SFN2SBw4
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2