fc765f4be50f7013dfacc83e16cc10d958f5b963e87aff29f0678d06e707dad4 | Triage

Sharing

General

Target

4555206fce7143d2b71a5ae667fb2611_JaffaCakes118
Size

342KB
Sample

240714-l1n2xawbpm
MD5

4555206fce7143d2b71a5ae667fb2611
SHA1

417f710078f543e5c43938ccdd1e87c953a327cb
SHA256

fc765f4be50f7013dfacc83e16cc10d958f5b963e87aff29f0678d06e707dad4
SHA512

e467785e00c1cf294e1faaf5564551d3a052a0e84bf3550099fd3bc42ee26d59946a9268a218c2d0fb53c653765fd1a20fcff0710a272a30b0b0b7ea52aeaa96
SSDEEP

6144:qnt5YveIk44ai9PakfDYtlUKS2pf/xYLcu5NC9wXMq0jKI/gOwTnq4:KYvDsakbClM2pxYB3CuM/xbr4

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  4555206fce7143d2b71a5ae667fb2611_JaffaCakes118
- Size
  
  342KB
- MD5
  
  4555206fce7143d2b71a5ae667fb2611
- SHA1
  
  417f710078f543e5c43938ccdd1e87c953a327cb
- SHA256
  
  fc765f4be50f7013dfacc83e16cc10d958f5b963e87aff29f0678d06e707dad4
- SHA512
  
  e467785e00c1cf294e1faaf5564551d3a052a0e84bf3550099fd3bc42ee26d59946a9268a218c2d0fb53c653765fd1a20fcff0710a272a30b0b0b7ea52aeaa96
- SSDEEP
  
  6144:qnt5YveIk44ai9PakfDYtlUKS2pf/xYLcu5NC9wXMq0jKI/gOwTnq4:KYvDsakbClM2pxYB3CuM/xbr4
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2