16f89ed254a35a787c812358dbae78901da112b70d393677b1daec3f46a06c53 | Triage

Sharing

General

Target

e1f791d687ae95ee3a00fd5168e5d547_JaffaCakes118
Size

352KB
Sample

240915-h511gssajg
MD5

e1f791d687ae95ee3a00fd5168e5d547
SHA1

d9bbc9a97401580d392ac41087bcfae18be90000
SHA256

16f89ed254a35a787c812358dbae78901da112b70d393677b1daec3f46a06c53
SHA512

c1b67e8d768c25647229488c6cc61976ac80c54056c19f874ec090e43a0a2988a80e08ca93d4e3d8aa15f565c0b1da61cb76840a2598c8f399e0518d7cc23368
SSDEEP

6144:E/tKdAk7d+gmLP2bF4oQjpfRmhSmF9D+Ez9ubifpQa/I0XgUI:EbkJm04oQjp50iEz9y+ia/I0dI

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  e1f791d687ae95ee3a00fd5168e5d547_JaffaCakes118
- Size
  
  352KB
- MD5
  
  e1f791d687ae95ee3a00fd5168e5d547
- SHA1
  
  d9bbc9a97401580d392ac41087bcfae18be90000
- SHA256
  
  16f89ed254a35a787c812358dbae78901da112b70d393677b1daec3f46a06c53
- SHA512
  
  c1b67e8d768c25647229488c6cc61976ac80c54056c19f874ec090e43a0a2988a80e08ca93d4e3d8aa15f565c0b1da61cb76840a2598c8f399e0518d7cc23368
- SSDEEP
  
  6144:E/tKdAk7d+gmLP2bF4oQjpfRmhSmF9D+Ez9ubifpQa/I0XgUI:EbkJm04oQjp50iEz9y+ia/I0dI
Score

10^/10

discovery evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2