d866bf5fa6b4bd1ce989a0011d92fe2b42045d45af97d0b69f421fa62be17830 | Triage

Sharing

General

Target

045e0d10630f1a5acbfdc8ab2565101f_JaffaCakes118
Size

877KB
Sample

240428-ez875agc9s
MD5

045e0d10630f1a5acbfdc8ab2565101f
SHA1

ad7c408552182059cacde242b9cb2e7f99c134b0
SHA256

d866bf5fa6b4bd1ce989a0011d92fe2b42045d45af97d0b69f421fa62be17830
SHA512

8c18afcb003ac71c4a2171aa64d18635be0df9a4f20988f3ed873f7e5347b67256d8ac91f953a5e2bde4237c7da9b720c23a5e096d29fb13081bea71cfdef7c6
SSDEEP

24576:RT22yrihBIay+z4Xv/Wgj4JKJ3d6w5j++y5s8PD8:RTpykBM+6BfJt6SLy5s8r8

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  045e0d10630f1a5acbfdc8ab2565101f_JaffaCakes118
- Size
  
  877KB
- MD5
  
  045e0d10630f1a5acbfdc8ab2565101f
- SHA1
  
  ad7c408552182059cacde242b9cb2e7f99c134b0
- SHA256
  
  d866bf5fa6b4bd1ce989a0011d92fe2b42045d45af97d0b69f421fa62be17830
- SHA512
  
  8c18afcb003ac71c4a2171aa64d18635be0df9a4f20988f3ed873f7e5347b67256d8ac91f953a5e2bde4237c7da9b720c23a5e096d29fb13081bea71cfdef7c6
- SSDEEP
  
  24576:RT22yrihBIay+z4Xv/Wgj4JKJ3d6w5j++y5s8PD8:RTpykBM+6BfJt6SLy5s8r8
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2