ccfacc42e1af0b5a49d36eefeeb9758bf4eacc3ba2cbde079a7f82d2c60d403a | Triage

Sharing

General

Target

4733c5654439c6fcb70d2cac73d40f73_JaffaCakes118
Size

393KB
Sample

240714-28mf2sxakj
MD5

4733c5654439c6fcb70d2cac73d40f73
SHA1

5ff017772db5048dfff47ecdc081ead95ac8de9d
SHA256

ccfacc42e1af0b5a49d36eefeeb9758bf4eacc3ba2cbde079a7f82d2c60d403a
SHA512

c56f97bee7ced8a566af53369c2362e901e5ef8dd7c05c3406369296d5638d6f4def80023bf327b8219af5eb442108d52acdb51bc2249782c3008e37ce6b3505
SSDEEP

6144:Gxg7dUShNmPhlen1GJw9B1uqY1dZHhptjYUxevM79lWzuDRsxyYZvy0TDjM7xfdR:8g7dUmmLen1G6Lkjr7plWzuDRsVqxfdR

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  4733c5654439c6fcb70d2cac73d40f73_JaffaCakes118
- Size
  
  393KB
- MD5
  
  4733c5654439c6fcb70d2cac73d40f73
- SHA1
  
  5ff017772db5048dfff47ecdc081ead95ac8de9d
- SHA256
  
  ccfacc42e1af0b5a49d36eefeeb9758bf4eacc3ba2cbde079a7f82d2c60d403a
- SHA512
  
  c56f97bee7ced8a566af53369c2362e901e5ef8dd7c05c3406369296d5638d6f4def80023bf327b8219af5eb442108d52acdb51bc2249782c3008e37ce6b3505
- SSDEEP
  
  6144:Gxg7dUShNmPhlen1GJw9B1uqY1dZHhptjYUxevM79lWzuDRsxyYZvy0TDjM7xfdR:8g7dUmmLen1G6Lkjr7plWzuDRsVqxfdR
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2