4f09b4ad0ffb43e1ed0143ead32d85ec75128d55e470b786305fd31d9701fdda | Triage

Sharing

General

Target

3e9edccb1ad390dd648e4e27f871f2fb_JaffaCakes118
Size

360KB
Sample

240712-ycbg5azbrg
MD5

3e9edccb1ad390dd648e4e27f871f2fb
SHA1

0ec2db073989ce2b6ac9390c18e79743891df7f8
SHA256

4f09b4ad0ffb43e1ed0143ead32d85ec75128d55e470b786305fd31d9701fdda
SHA512

dbf2115a92ce1b200822bff71f86e9ea23256556aec4b8819badc6a02e940fe673797736ccfed55b19d49a2b75fc3574892f73c35dc5e41bdb5509034ad306be
SSDEEP

6144:MIsSI4sf/V5bl+fP2cYmd1DtC0XcSVEM+ukwGq/y5RWDBgp1kc:MIsSn6rbIfPpNXcS5+ukbbWDQ1k

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  3e9edccb1ad390dd648e4e27f871f2fb_JaffaCakes118
- Size
  
  360KB
- MD5
  
  3e9edccb1ad390dd648e4e27f871f2fb
- SHA1
  
  0ec2db073989ce2b6ac9390c18e79743891df7f8
- SHA256
  
  4f09b4ad0ffb43e1ed0143ead32d85ec75128d55e470b786305fd31d9701fdda
- SHA512
  
  dbf2115a92ce1b200822bff71f86e9ea23256556aec4b8819badc6a02e940fe673797736ccfed55b19d49a2b75fc3574892f73c35dc5e41bdb5509034ad306be
- SSDEEP
  
  6144:MIsSI4sf/V5bl+fP2cYmd1DtC0XcSVEM+ukwGq/y5RWDBgp1kc:MIsSn6rbIfPpNXcS5+ukbbWDQ1k
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2