7e18747b28d32a0f592a99114fc41c6d27d29e9bf3b1390f303979d1255bd9b3 | Triage

Sharing

General

Target

3dc01d3d9321148327e8ef5cf6293687_JaffaCakes118
Size

561KB
Sample

241013-exs35ashpj
MD5

3dc01d3d9321148327e8ef5cf6293687
SHA1

ab95e4b322dda3d0f2b8e64869a705a73b934e5c
SHA256

7e18747b28d32a0f592a99114fc41c6d27d29e9bf3b1390f303979d1255bd9b3
SHA512

def26df970413126f0dcd83ad575af97c51c279b167a06c7546063429d6e55f15303de3c2b5021f097c105c7c6c4f229f49cc5bb9079de0691e0fe74ed47b0ca
SSDEEP

12288:oI52eWXzcc5aIbJDELFFF8bcAqjus6DuHC7q9JIoqVyIduL6HspjaR+v:t52dh5aIbJELKVzs6/GSWAuL6HspV

Score

6^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  SignSiS.exe
- Size
  
  56KB
- MD5
  
  b87c86ef11f574b8a64af1aca2946f71
- SHA1
  
  48449c6b97165939adfb68bd247219f4c3022b58
- SHA256
  
  1d8d1ec3eefd9222ebb438c0dafa88a1a02cfb048ae55f063b9874d209e0dcfd
- SHA512
  
  8e9854e0366e2f0efb10d6610fce2a810d77868b5bd81c1393fdda90e3ca7abdecf790a4ebcfe026a78c24a38c75a72ed341a65d9b016e9c3c26f5cebe6c601e
- SSDEEP
  
  768:cXDHn3Z+IvOc2Zef+NOHd/ougxh3Z+IvO:cD3Z+0gOHB8xh3Z+
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  sign.exe
- Size
  
  1.1MB
- MD5
  
  8618545dc56ec98b427c914274baf52a
- SHA1
  
  7ca09b8c97c9ce720975b6f0c810f50ff2e613c4
- SHA256
  
  6c04bfdf86db19108f480cad82ec4dccca46beeb2cd1b82aac6d62ea02df52a7
- SHA512
  
  4296f188b7839a4ec234f186e4d202c1d67bd8dd640418542b70eb624196db54df113271f0db8ec85f7a55b1237be246484f8290f5784b3e7b365ead4a5d6b7c
- SSDEEP
  
  24576:kj+Dcfcx+YdmBTFTnuwPW+lA6OHeP/UX6q41k7rDvFnuAGKpSlPnp:kbEx+YdywwO+Aqq5vAFKp+
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  WWW.meNOKIA.com.url
- Size
  
  148B
- MD5
  
  403b8ed9703c0b2b8a87cbdafe9619ea
- SHA1
  
  19a3faf0670d67c10ea08318b77baeb527b15f22
- SHA256
  
  567e3e76678147bdfa4f7bfa36c28d3591cb5158a4e7007afa9400b15db320e0
- SHA512
  
  4cef1eced54e98a06303b1399280943eb1e2af89c5252f580fe608302b5ce50eb10cb2e3f5c307d66fd1c1d2532fb7b3a2edaf46287d681c4123f22bb1544009
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

discoveryevasiontrojan

behavioral6