03af87214a0a95116f7165bc67dcde8eddcb27ad4ac79ec7483bfcf3f03241f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84ba080effdbeafc9f21c0c3ae68a429_JaffaCakes118
Size

393KB
Sample

240810-ekdgxavdqp
MD5

84ba080effdbeafc9f21c0c3ae68a429
SHA1

a2afc7495c5931b9563c42d2d03670a5ded0ef41
SHA256

03af87214a0a95116f7165bc67dcde8eddcb27ad4ac79ec7483bfcf3f03241f0
SHA512

18652bb829552c918ddae4b9015097ab6a154cd43015efa81c8d1800c182eeb4263f27321a9f24e2b6daa7cd92c79f18f726822485638fc141d895ede6ade4b1
SSDEEP

12288:CV3KpJI6xj1dV9fJcEXW4OYIb5IiENCaoV8P:sCb1dV9fJhXWGHNco

Score

10^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  84ba080effdbeafc9f21c0c3ae68a429_JaffaCakes118
- Size
  
  393KB
- MD5
  
  84ba080effdbeafc9f21c0c3ae68a429
- SHA1
  
  a2afc7495c5931b9563c42d2d03670a5ded0ef41
- SHA256
  
  03af87214a0a95116f7165bc67dcde8eddcb27ad4ac79ec7483bfcf3f03241f0
- SHA512
  
  18652bb829552c918ddae4b9015097ab6a154cd43015efa81c8d1800c182eeb4263f27321a9f24e2b6daa7cd92c79f18f726822485638fc141d895ede6ade4b1
- SSDEEP
  
  12288:CV3KpJI6xj1dV9fJcEXW4OYIb5IiENCaoV8P:sCb1dV9fJhXWGHNco
Score

10^/10

discovery evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2