6a3ba520ce946c2bae1d70a6af427ac2b9e6b2c8d9ea0cbfaa50ed739ef718ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67585188a0471eca7f60e3ae3fb4ea38_JaffaCakes118
Size

44KB
Sample

240723-m9xk3ssfkg
MD5

67585188a0471eca7f60e3ae3fb4ea38
SHA1

c2d8adee50d4c29c8947f93a492a81ed2ddff4a5
SHA256

6a3ba520ce946c2bae1d70a6af427ac2b9e6b2c8d9ea0cbfaa50ed739ef718ba
SHA512

80778ada72ef07df64ca6cc5bb57602a2b9819822c298a95844b9a6e689f86089a46e80e9754cce2fa8c75b778134dcff681f6c64edcdfc5e95a797b48427aeb
SSDEEP

384:vzxRfNhp3ccqu+c6H28888888888888888888888888888888888888888888885:bT6cqu/6HCncG1etoQ7pN90S31yViHa

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  67585188a0471eca7f60e3ae3fb4ea38_JaffaCakes118
- Size
  
  44KB
- MD5
  
  67585188a0471eca7f60e3ae3fb4ea38
- SHA1
  
  c2d8adee50d4c29c8947f93a492a81ed2ddff4a5
- SHA256
  
  6a3ba520ce946c2bae1d70a6af427ac2b9e6b2c8d9ea0cbfaa50ed739ef718ba
- SHA512
  
  80778ada72ef07df64ca6cc5bb57602a2b9819822c298a95844b9a6e689f86089a46e80e9754cce2fa8c75b778134dcff681f6c64edcdfc5e95a797b48427aeb
- SSDEEP
  
  384:vzxRfNhp3ccqu+c6H28888888888888888888888888888888888888888888885:bT6cqu/6HCncG1etoQ7pN90S31yViHa
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan