47485d4656a7ce299f64d04a6484e786f544e1e41b1147174f91a902f56f7868 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c25c912a85aac4976b4850ea91941485_JaffaCakes118
Size

390KB
Sample

240826-f3blpsxdlg
MD5

c25c912a85aac4976b4850ea91941485
SHA1

4ee9290458ab43114a442ae788270e9f527cdc9b
SHA256

47485d4656a7ce299f64d04a6484e786f544e1e41b1147174f91a902f56f7868
SHA512

c3c8f70e4bb4649293fc5becf7a0d96f7a1a4461fa30c502d8e1efc86d544a9a67df08f876087bd2fa394593490809a4491792707759d4d5bd16e4a9ed9f344d
SSDEEP

6144:y1qwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:yjO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  c25c912a85aac4976b4850ea91941485_JaffaCakes118
- Size
  
  390KB
- MD5
  
  c25c912a85aac4976b4850ea91941485
- SHA1
  
  4ee9290458ab43114a442ae788270e9f527cdc9b
- SHA256
  
  47485d4656a7ce299f64d04a6484e786f544e1e41b1147174f91a902f56f7868
- SHA512
  
  c3c8f70e4bb4649293fc5becf7a0d96f7a1a4461fa30c502d8e1efc86d544a9a67df08f876087bd2fa394593490809a4491792707759d4d5bd16e4a9ed9f344d
- SSDEEP
  
  6144:y1qwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:yjO1xm+QoK0t4K3gCTDYWGrYzt+NST
Score

10^/10

discovery evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2