adb6c0feb60da684913d18dd0f239cb0189dea107d44e9da3e62b69760b75890 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2438149857d99675e182ee4bdf80a0a_JaffaCakes118
Size

326KB
Sample

240817-m2kljsvdqr
MD5

a2438149857d99675e182ee4bdf80a0a
SHA1

13961be29533973fc575d3f427fc7faf051ec207
SHA256

adb6c0feb60da684913d18dd0f239cb0189dea107d44e9da3e62b69760b75890
SHA512

8a7c22e5ec670a8eed27eb145e8b78d4092d4c5690d4d3486ac8e04274ec9f3a5515bf252272ce46751f99c6cdafd0fbd455e1c25d529bf2a8b7348bd41780ce
SSDEEP

6144:RqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:nO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  a2438149857d99675e182ee4bdf80a0a_JaffaCakes118
- Size
  
  326KB
- MD5
  
  a2438149857d99675e182ee4bdf80a0a
- SHA1
  
  13961be29533973fc575d3f427fc7faf051ec207
- SHA256
  
  adb6c0feb60da684913d18dd0f239cb0189dea107d44e9da3e62b69760b75890
- SHA512
  
  8a7c22e5ec670a8eed27eb145e8b78d4092d4c5690d4d3486ac8e04274ec9f3a5515bf252272ce46751f99c6cdafd0fbd455e1c25d529bf2a8b7348bd41780ce
- SSDEEP
  
  6144:RqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:nO1xm+QoK0t4K3gCTDYWGrYzt+NST
Score

10^/10

discovery evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2