7e1dd0fda76cd66634ee5fa4ae017dc5d17f28e9462b067143d0073293121ee4 | Triage

Sharing

General

Target

265f05f7d7ee7b1264e5b589ff592b7c_JaffaCakes118
Size

432KB
Sample

240704-1t1vfstdja
MD5

265f05f7d7ee7b1264e5b589ff592b7c
SHA1

023dd08327b2e442b0d3ee7e0c68ee8e42138d29
SHA256

7e1dd0fda76cd66634ee5fa4ae017dc5d17f28e9462b067143d0073293121ee4
SHA512

24d15510cbfbb53f6892e56f73734031b5729e1ae9064b30bc9ff80acc9a043ad34dd5d3857e8d8e33b022901f4bf49a83830746f81c7c54012e923be0e7dae1
SSDEEP

6144:I9rLGof40vR9YLlgBf8Dqguo5sgRFEZ44q7KJDN7bkgp8tNVo:IBGgvsLKpg/JErq7MDNnkFtN

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  265f05f7d7ee7b1264e5b589ff592b7c_JaffaCakes118
- Size
  
  432KB
- MD5
  
  265f05f7d7ee7b1264e5b589ff592b7c
- SHA1
  
  023dd08327b2e442b0d3ee7e0c68ee8e42138d29
- SHA256
  
  7e1dd0fda76cd66634ee5fa4ae017dc5d17f28e9462b067143d0073293121ee4
- SHA512
  
  24d15510cbfbb53f6892e56f73734031b5729e1ae9064b30bc9ff80acc9a043ad34dd5d3857e8d8e33b022901f4bf49a83830746f81c7c54012e923be0e7dae1
- SSDEEP
  
  6144:I9rLGof40vR9YLlgBf8Dqguo5sgRFEZ44q7KJDN7bkgp8tNVo:IBGgvsLKpg/JErq7MDNnkFtN
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2