5e07d480b25e665e443894dd66d23fff4b4c491761b45f8106e17c0f56b4cd37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c193aabeee01a1c6b0131027d3ead8d_JaffaCakes118
Size

326KB
Sample

240811-1npv1athkh
MD5

8c193aabeee01a1c6b0131027d3ead8d
SHA1

d7e5a262a8eb08af5eab19d490a40a92c7522c16
SHA256

5e07d480b25e665e443894dd66d23fff4b4c491761b45f8106e17c0f56b4cd37
SHA512

3808eb77c498508ec0ef654e20c9455ec18e0858695918650a3169477d7e3e732636440b9b3b55f1fbb8718a5ed1b4ea667f9f5c89b632ee1b34d24b00055829
SSDEEP

6144:fyqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:fIO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  8c193aabeee01a1c6b0131027d3ead8d_JaffaCakes118
- Size
  
  326KB
- MD5
  
  8c193aabeee01a1c6b0131027d3ead8d
- SHA1
  
  d7e5a262a8eb08af5eab19d490a40a92c7522c16
- SHA256
  
  5e07d480b25e665e443894dd66d23fff4b4c491761b45f8106e17c0f56b4cd37
- SHA512
  
  3808eb77c498508ec0ef654e20c9455ec18e0858695918650a3169477d7e3e732636440b9b3b55f1fbb8718a5ed1b4ea667f9f5c89b632ee1b34d24b00055829
- SSDEEP
  
  6144:fyqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:fIO1xm+QoK0t4K3gCTDYWGrYzt+NST
Score

10^/10

discovery evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2