3b293154307d0fb56be433c51f3e45b8944a63b15ab2d4e10f1d961114361863 | Triage

Sharing

General

Target

da73d6123c2b7a85d959c03ded468e16_JaffaCakes118
Size

212KB
Sample

240911-qtfjeashln
MD5

da73d6123c2b7a85d959c03ded468e16
SHA1

b4e559780643e9a1719a6e730a61f3c5ee18f3d1
SHA256

3b293154307d0fb56be433c51f3e45b8944a63b15ab2d4e10f1d961114361863
SHA512

52937864b10f6a6f8f56d344da7ac26f94e08058762c2b3cac06a899d4fe121a1c6057a49214801e114b1b1138dc3e5383b4e25f4fc386708017559796cf4d9e
SSDEEP

3072:/x6UW6tpmJ5OKlO1OJSFKoqXzFQRoqLSLO3OMOKHpkdkox6IPHeqo3Sc//////Q9:/xDKZSFnqDQbLjHikm6UNc//////cN

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  da73d6123c2b7a85d959c03ded468e16_JaffaCakes118
- Size
  
  212KB
- MD5
  
  da73d6123c2b7a85d959c03ded468e16
- SHA1
  
  b4e559780643e9a1719a6e730a61f3c5ee18f3d1
- SHA256
  
  3b293154307d0fb56be433c51f3e45b8944a63b15ab2d4e10f1d961114361863
- SHA512
  
  52937864b10f6a6f8f56d344da7ac26f94e08058762c2b3cac06a899d4fe121a1c6057a49214801e114b1b1138dc3e5383b4e25f4fc386708017559796cf4d9e
- SSDEEP
  
  3072:/x6UW6tpmJ5OKlO1OJSFKoqXzFQRoqLSLO3OMOKHpkdkox6IPHeqo3Sc//////Q9:/xDKZSFnqDQbLjHikm6UNc//////cN
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan