cbff3eb136163d3108724dd91659cb0425d3abda2cf97d49c150f5391d7a5e17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dac5f520e96f07d50c6bb7e930e04ec_JaffaCakes118
Size

795KB
Sample

240625-l7j2jatclf
MD5

0dac5f520e96f07d50c6bb7e930e04ec
SHA1

4cac319a58326190d74b4ac64bb79e752cf72da3
SHA256

cbff3eb136163d3108724dd91659cb0425d3abda2cf97d49c150f5391d7a5e17
SHA512

524f1f3d517c9feb73d02abb779649e99cc66261e6f749138406dd46db725e8070354c121b2839398d82c505d43be3ca391a74616719ee4ef9ace810d7bc8287
SSDEEP

24576:GMw6ce/U26Cb5KaXKseD0nye08WIcshy/Oet:CI/U26CNZX9ektDhhet

Score

8^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  0dac5f520e96f07d50c6bb7e930e04ec_JaffaCakes118
- Size
  
  795KB
- MD5
  
  0dac5f520e96f07d50c6bb7e930e04ec
- SHA1
  
  4cac319a58326190d74b4ac64bb79e752cf72da3
- SHA256
  
  cbff3eb136163d3108724dd91659cb0425d3abda2cf97d49c150f5391d7a5e17
- SHA512
  
  524f1f3d517c9feb73d02abb779649e99cc66261e6f749138406dd46db725e8070354c121b2839398d82c505d43be3ca391a74616719ee4ef9ace810d7bc8287
- SSDEEP
  
  24576:GMw6ce/U26Cb5KaXKseD0nye08WIcshy/Oet:CI/U26CNZX9ektDhhet
Score

8^/10

evasion persistence trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan