939a18217e9f353396fe233dfd742a872b6c1ec265313795d74e238d294cc7ad | Triage

Submit
Reports

Overview

overview

Static

static

3

13f1e732aa...18.exe

windows7-x64

13f1e732aa...18.exe

windows10-2004-x64

3

Sharing

General

Target

13f1e732aafb6b1be1aee5d5fe03ca11_JaffaCakes118
Size

384KB
Sample

240701-jfml8szamg
MD5

13f1e732aafb6b1be1aee5d5fe03ca11
SHA1

284aeaffac85eb583d53b3cff2b950361c5aa1a4
SHA256

939a18217e9f353396fe233dfd742a872b6c1ec265313795d74e238d294cc7ad
SHA512

866c3c30bdee0380394d1b8eaa2673f9c226552427eed2b8963eb2e8f3b29dae1730edd754aeb579beb7ab2e4b5cfd178f087a6d44a1af35dd8af125c08bece5
SSDEEP

6144:YRthERv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OE:EgR5GdCs0O1BkBqwtjFc0fTjZOT59ozt

Score

10^/10

evasion persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

13f1e732aafb6b1be1aee5d5fe03ca11_JaffaCakes118.exe

Resource

win7-20240221-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

13f1e732aafb6b1be1aee5d5fe03ca11_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  13f1e732aafb6b1be1aee5d5fe03ca11_JaffaCakes118
- Size
  
  384KB
- MD5
  
  13f1e732aafb6b1be1aee5d5fe03ca11
- SHA1
  
  284aeaffac85eb583d53b3cff2b950361c5aa1a4
- SHA256
  
  939a18217e9f353396fe233dfd742a872b6c1ec265313795d74e238d294cc7ad
- SHA512
  
  866c3c30bdee0380394d1b8eaa2673f9c226552427eed2b8963eb2e8f3b29dae1730edd754aeb579beb7ab2e4b5cfd178f087a6d44a1af35dd8af125c08bece5
- SSDEEP
  
  6144:YRthERv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OE:EgR5GdCs0O1BkBqwtjFc0fTjZOT59ozt
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy