80696a10e1f0b040268a5c5782c2f3f196a41dc3af5383fd3356dd3f14eace52 | Triage

Sharing

General

Target

3706fecad6e715944cefbba242097309_JaffaCakes118
Size

393KB
Sample

240711-avlttayekp
MD5

3706fecad6e715944cefbba242097309
SHA1

585652505cfc8dca0d2123be2ee73846fce50376
SHA256

80696a10e1f0b040268a5c5782c2f3f196a41dc3af5383fd3356dd3f14eace52
SHA512

c23ffd0d2ea4c12ec141056db9aa4fdc8a516b623ccaa5fa2ff58407cf19da7d22c457c5aea4b299ba0921cda49cf8fea44b5d7b3107421a358b2e87e81c4f4e
SSDEEP

12288:MV3KpJI6xj1dV9fJcEXW4OYIb5IiENCaoV8P:GCb1dV9fJhXWGHNco

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  3706fecad6e715944cefbba242097309_JaffaCakes118
- Size
  
  393KB
- MD5
  
  3706fecad6e715944cefbba242097309
- SHA1
  
  585652505cfc8dca0d2123be2ee73846fce50376
- SHA256
  
  80696a10e1f0b040268a5c5782c2f3f196a41dc3af5383fd3356dd3f14eace52
- SHA512
  
  c23ffd0d2ea4c12ec141056db9aa4fdc8a516b623ccaa5fa2ff58407cf19da7d22c457c5aea4b299ba0921cda49cf8fea44b5d7b3107421a358b2e87e81c4f4e
- SSDEEP
  
  12288:MV3KpJI6xj1dV9fJcEXW4OYIb5IiENCaoV8P:GCb1dV9fJhXWGHNco
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2