08d76833643a2041c5447683094cfed7af4555e1fcc8f46f75744cbabd865cbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a209bd36ac294f296f0b54bee4124a7_JaffaCakes118
Size

340KB
Sample

240628-prbxrssdnq
MD5

1a209bd36ac294f296f0b54bee4124a7
SHA1

650c75e10a9f56d7ffbf97e2ba3e21f44ef3cb57
SHA256

08d76833643a2041c5447683094cfed7af4555e1fcc8f46f75744cbabd865cbb
SHA512

ddb073dcd4c59fcfad87bff96cd81199f3cfb9c2e8ec12541f42e641a11a5f9753e8a4be1d40f95eb84b710fb4bb512b65c275ee9ae9500d42a8b2f687548b5e
SSDEEP

6144:w1tKdKF7Yta2UM5IxXF/tIKAL7iFE7sNBo+aa9R3HJxvkSuM4Pydm5/t/81:v1tUM5aV/oLOVfhaa9ZpVe561

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1a209bd36ac294f296f0b54bee4124a7_JaffaCakes118
- Size
  
  340KB
- MD5
  
  1a209bd36ac294f296f0b54bee4124a7
- SHA1
  
  650c75e10a9f56d7ffbf97e2ba3e21f44ef3cb57
- SHA256
  
  08d76833643a2041c5447683094cfed7af4555e1fcc8f46f75744cbabd865cbb
- SHA512
  
  ddb073dcd4c59fcfad87bff96cd81199f3cfb9c2e8ec12541f42e641a11a5f9753e8a4be1d40f95eb84b710fb4bb512b65c275ee9ae9500d42a8b2f687548b5e
- SSDEEP
  
  6144:w1tKdKF7Yta2UM5IxXF/tIKAL7iFE7sNBo+aa9R3HJxvkSuM4Pydm5/t/81:v1tUM5aV/oLOVfhaa9ZpVe561
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2