fe11b24fda62807936265e77b2e5952ce2df1443fe0c5a65a3a0d5425cc38f00 | Triage

Sharing

General

Target

eee73fadc2e62877f7ff9aed6822144b_JaffaCakes118
Size

390KB
Sample

240921-cycres1cqp
MD5

eee73fadc2e62877f7ff9aed6822144b
SHA1

32821001b1ac8cbc981b399344b2b243344111c1
SHA256

fe11b24fda62807936265e77b2e5952ce2df1443fe0c5a65a3a0d5425cc38f00
SHA512

b7e3bd8cf5d5f073e42ce86fce4376285c08f75f04e87cbc4c2806f52500d1c82f50cad37bf756d8135c5d78f2b8cc291c24963506d47f3464b12da3de886b8b
SSDEEP

6144:y1qwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:yjO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  eee73fadc2e62877f7ff9aed6822144b_JaffaCakes118
- Size
  
  390KB
- MD5
  
  eee73fadc2e62877f7ff9aed6822144b
- SHA1
  
  32821001b1ac8cbc981b399344b2b243344111c1
- SHA256
  
  fe11b24fda62807936265e77b2e5952ce2df1443fe0c5a65a3a0d5425cc38f00
- SHA512
  
  b7e3bd8cf5d5f073e42ce86fce4376285c08f75f04e87cbc4c2806f52500d1c82f50cad37bf756d8135c5d78f2b8cc291c24963506d47f3464b12da3de886b8b
- SSDEEP
  
  6144:y1qwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:yjO1xm+QoK0t4K3gCTDYWGrYzt+NST
Score

10^/10

discovery evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2