01147e290481ab11a212b999aedabdbf2bee711abaf0226f61ebb711a827fe4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26465078ced2d4fdd387b6c1ce19ed5f_JaffaCakes118
Size

456KB
Sample

240704-1bj4zssdjc
MD5

26465078ced2d4fdd387b6c1ce19ed5f
SHA1

81bcff269eaa78f4fb0def16634b8553d1f69445
SHA256

01147e290481ab11a212b999aedabdbf2bee711abaf0226f61ebb711a827fe4e
SHA512

c974af2a8ceabadcb26dc72edb183efd7672f896e501a8a1f9a755b7df6bc802b48cdfa63ae921868c095507bec56a1db4f6322c2276995adfe270c40f3d2ba0
SSDEEP

6144:dLQBFWKMRIMzrAtet3yGueUdy3tvn+Djb/B6ziRt1eAAgWncdzGQ4y34J1N:dLKRMRduI3ieUYvn+PbkW4C4Qh

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  26465078ced2d4fdd387b6c1ce19ed5f_JaffaCakes118
- Size
  
  456KB
- MD5
  
  26465078ced2d4fdd387b6c1ce19ed5f
- SHA1
  
  81bcff269eaa78f4fb0def16634b8553d1f69445
- SHA256
  
  01147e290481ab11a212b999aedabdbf2bee711abaf0226f61ebb711a827fe4e
- SHA512
  
  c974af2a8ceabadcb26dc72edb183efd7672f896e501a8a1f9a755b7df6bc802b48cdfa63ae921868c095507bec56a1db4f6322c2276995adfe270c40f3d2ba0
- SSDEEP
  
  6144:dLQBFWKMRIMzrAtet3yGueUdy3tvn+Djb/B6ziRt1eAAgWncdzGQ4y34J1N:dLKRMRduI3ieUYvn+PbkW4C4Qh
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2