52bd35dbb0a393f952096a135fc0d8bddf2892977e72a547f604d53433addfb5 | Triage

Resubmissions

12-08-2024 19:23

240812-x3zrzazfqd 10

12-08-2024 19:07

240812-xs25cazbpd 10

11-08-2024 02:13

240811-cntl7azfnl 10

Sharing

General

Target

889956cee776d41937c39e225d3e72b6_JaffaCakes118
Size

10.1MB
Sample

240812-xs25cazbpd
MD5

889956cee776d41937c39e225d3e72b6
SHA1

cc8d22b6c453deb2ac2826610cb001b3dd0e9771
SHA256

52bd35dbb0a393f952096a135fc0d8bddf2892977e72a547f604d53433addfb5
SHA512

2fde4df02392114a2e2676963d05d2a40c748710de7e30dad3deb1083fa1e991c85ae49520d679905ae21eaaed7f0458f38454ce04ea1d6544576f0ca3934de4
SSDEEP

196608:JAw2q0MYZLUFq6f07RGqOu0GIawyGkFk2uH4Fe4Baw0YzDOD0O7TjQq3IZ:76gFNMFuu0GIawyG714B/yD0OPje

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  889956cee776d41937c39e225d3e72b6_JaffaCakes118
- Size
  
  10.1MB
- MD5
  
  889956cee776d41937c39e225d3e72b6
- SHA1
  
  cc8d22b6c453deb2ac2826610cb001b3dd0e9771
- SHA256
  
  52bd35dbb0a393f952096a135fc0d8bddf2892977e72a547f604d53433addfb5
- SHA512
  
  2fde4df02392114a2e2676963d05d2a40c748710de7e30dad3deb1083fa1e991c85ae49520d679905ae21eaaed7f0458f38454ce04ea1d6544576f0ca3934de4
- SSDEEP
  
  196608:JAw2q0MYZLUFq6f07RGqOu0GIawyGkFk2uH4Fe4Baw0YzDOD0O7TjQq3IZ:76gFNMFuu0GIawyG714B/yD0OPje
Score

10^/10

discovery evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan