09b652349b59f8c69b4538cd172cccb33cfca60169fc6809abf58cde7e077a36 | Triage

Sharing

General

Target

8b043f7ba0fefacacbdc5534881a0b24_JaffaCakes118
Size

122KB
Sample

240811-th3fks1cqe
MD5

8b043f7ba0fefacacbdc5534881a0b24
SHA1

9fdc00588e8ea45b1a41ce39831de9ae53a8d16b
SHA256

09b652349b59f8c69b4538cd172cccb33cfca60169fc6809abf58cde7e077a36
SHA512

342cbcf9bb085a711d130bd08965bef6b0a8b85fcfd8ecaa52ca306b0798c6d8f9421c55eae23b485134ff327b99d21d664ae5d135af7c05e837784c02015365
SSDEEP

3072:yp4QhJsxXYClfk6y6SyBgKGg/C2p6ztO73KpfsMhpql:TQhCpBOKQg3p6zQ7Wf2

Score

6^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  8b043f7ba0fefacacbdc5534881a0b24_JaffaCakes118
- Size
  
  122KB
- MD5
  
  8b043f7ba0fefacacbdc5534881a0b24
- SHA1
  
  9fdc00588e8ea45b1a41ce39831de9ae53a8d16b
- SHA256
  
  09b652349b59f8c69b4538cd172cccb33cfca60169fc6809abf58cde7e077a36
- SHA512
  
  342cbcf9bb085a711d130bd08965bef6b0a8b85fcfd8ecaa52ca306b0798c6d8f9421c55eae23b485134ff327b99d21d664ae5d135af7c05e837784c02015365
- SSDEEP
  
  3072:yp4QhJsxXYClfk6y6SyBgKGg/C2p6ztO73KpfsMhpql:TQhCpBOKQg3p6zQ7Wf2
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan