0127e09e67370665e2ad183a229dab901aae84d8edd166abf00db081bc192d86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43913f52886b23cc66a2ebf5d221adbe_JaffaCakes118
Size

424KB
Sample

240713-19hntazbln
MD5

43913f52886b23cc66a2ebf5d221adbe
SHA1

8499ff1932768aa11854286cdefbe867bfe5a113
SHA256

0127e09e67370665e2ad183a229dab901aae84d8edd166abf00db081bc192d86
SHA512

1a4026217c00d9e4a589639d54fa831c88aa15d0f7f3c19f202d3296bcc0cf450e22db8508cef5be480119ec1ddf5c05e6c2738d82760df9d839eb11950ddadf
SSDEEP

6144:9rEUuyP/sPWFjy99Epk08cZ7dt/kZt8QdUof2IyNUjXpz7I5dTbA1zKXq6Sqb5:9r0DBcpbM38Q2gVeQFgTbWuX15

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  43913f52886b23cc66a2ebf5d221adbe_JaffaCakes118
- Size
  
  424KB
- MD5
  
  43913f52886b23cc66a2ebf5d221adbe
- SHA1
  
  8499ff1932768aa11854286cdefbe867bfe5a113
- SHA256
  
  0127e09e67370665e2ad183a229dab901aae84d8edd166abf00db081bc192d86
- SHA512
  
  1a4026217c00d9e4a589639d54fa831c88aa15d0f7f3c19f202d3296bcc0cf450e22db8508cef5be480119ec1ddf5c05e6c2738d82760df9d839eb11950ddadf
- SSDEEP
  
  6144:9rEUuyP/sPWFjy99Epk08cZ7dt/kZt8QdUof2IyNUjXpz7I5dTbA1zKXq6Sqb5:9r0DBcpbM38Q2gVeQFgTbWuX15
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2