1e599b9ecacb41af1f7641d1bbd86b17454780910a1f1424dbb4829c5df2e3f6 | Triage

Submit
Reports

Overview

overview

Static

static

3

26c9afc06c...18.exe

windows7-x64

26c9afc06c...18.exe

windows10-2004-x64

3

Sharing

General

Target

26c9afc06cad99c334536589bbf81798_JaffaCakes118
Size

456KB
Sample

240705-kcqedsvfpm
MD5

26c9afc06cad99c334536589bbf81798
SHA1

4608e205004957909732bb0b12f050676ed46cf8
SHA256

1e599b9ecacb41af1f7641d1bbd86b17454780910a1f1424dbb4829c5df2e3f6
SHA512

447da64377e8ea09972da62ce5d9099aaf1c3b5738431265f105d04a2477ea8b8616bc6252da5f3a4136f112bcb6714cc3b702dd97d4e796ed2477f51c4f8fa0
SSDEEP

6144:gJUIggf1yAZotZT7qOl9KGXv6a6MPipBLKWgCuiUPd6iFy3jmdsQ5aD:gJUIf1bZotUOTZvDQBK/IUy36

Score

10^/10

evasion persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

26c9afc06cad99c334536589bbf81798_JaffaCakes118.exe

Resource

win7-20240221-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

26c9afc06cad99c334536589bbf81798_JaffaCakes118.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  26c9afc06cad99c334536589bbf81798_JaffaCakes118
- Size
  
  456KB
- MD5
  
  26c9afc06cad99c334536589bbf81798
- SHA1
  
  4608e205004957909732bb0b12f050676ed46cf8
- SHA256
  
  1e599b9ecacb41af1f7641d1bbd86b17454780910a1f1424dbb4829c5df2e3f6
- SHA512
  
  447da64377e8ea09972da62ce5d9099aaf1c3b5738431265f105d04a2477ea8b8616bc6252da5f3a4136f112bcb6714cc3b702dd97d4e796ed2477f51c4f8fa0
- SSDEEP
  
  6144:gJUIggf1yAZotZT7qOl9KGXv6a6MPipBLKWgCuiUPd6iFy3jmdsQ5aD:gJUIf1bZotUOTZvDQBK/IUy36
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy