bddd75d96c58a06f12d587e2f79429f52add23a6880104726974deeda15f706b | Triage

Sharing

General

Target

ee1c8271e158c49fa60ced208d1c55a4_JaffaCakes118
Size

456KB
Sample

240920-waeqnayepb
MD5

ee1c8271e158c49fa60ced208d1c55a4
SHA1

4b3962f9d84ff29fcd381762c5d08bfadfea7158
SHA256

bddd75d96c58a06f12d587e2f79429f52add23a6880104726974deeda15f706b
SHA512

d479f3043bcf0dca1111014717093a38d1cebfe39caf37c309ff2c20594066ec6e0e245954d2537f155d1b5eaa9a9b2a64f27b8801b3af540c425c216a24e851
SSDEEP

12288:UFp4JSsC4Gmbw58mnZ67OQ8zPAu/oh0xB:e4vTo6KdLAugc

Score

10^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ee1c8271e158c49fa60ced208d1c55a4_JaffaCakes118
- Size
  
  456KB
- MD5
  
  ee1c8271e158c49fa60ced208d1c55a4
- SHA1
  
  4b3962f9d84ff29fcd381762c5d08bfadfea7158
- SHA256
  
  bddd75d96c58a06f12d587e2f79429f52add23a6880104726974deeda15f706b
- SHA512
  
  d479f3043bcf0dca1111014717093a38d1cebfe39caf37c309ff2c20594066ec6e0e245954d2537f155d1b5eaa9a9b2a64f27b8801b3af540c425c216a24e851
- SSDEEP
  
  12288:UFp4JSsC4Gmbw58mnZ67OQ8zPAu/oh0xB:e4vTo6KdLAugc
Score

10^/10

discovery evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2