4a98f2d37fa976b520913d3e901f51e731efcd2d07be4623d52c50de9224c763 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c67a96e05d86d8f61c78112e7c8b30_JaffaCakes118
Size

352KB
Sample

240715-ckzc9swaqh
MD5

47c67a96e05d86d8f61c78112e7c8b30
SHA1

191d0af700ccd2f4223e6f220a20e6cf6ccd28df
SHA256

4a98f2d37fa976b520913d3e901f51e731efcd2d07be4623d52c50de9224c763
SHA512

55cee911684938bbad1fb293c0d1be483a65bc4eb6bb9c4d147d28ed9274e066a81d36688e32b313ec179582aa0c74d80ea20feeee80d3763d0edcf048b3f95e
SSDEEP

6144:2Ltic3JFPEDaaUB+76EFQrPBxdRoRK5IRPTdmXE6Qd3yTRNc8lGUJ8DVM3S5I:+ZFM2aUBI6PDBVsLPd3y10V8OI

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  47c67a96e05d86d8f61c78112e7c8b30_JaffaCakes118
- Size
  
  352KB
- MD5
  
  47c67a96e05d86d8f61c78112e7c8b30
- SHA1
  
  191d0af700ccd2f4223e6f220a20e6cf6ccd28df
- SHA256
  
  4a98f2d37fa976b520913d3e901f51e731efcd2d07be4623d52c50de9224c763
- SHA512
  
  55cee911684938bbad1fb293c0d1be483a65bc4eb6bb9c4d147d28ed9274e066a81d36688e32b313ec179582aa0c74d80ea20feeee80d3763d0edcf048b3f95e
- SSDEEP
  
  6144:2Ltic3JFPEDaaUB+76EFQrPBxdRoRK5IRPTdmXE6Qd3yTRNc8lGUJ8DVM3S5I:+ZFM2aUBI6PDBVsLPd3y10V8OI
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2