ddf7fc0101f045e7f1b9966d52bcb37fb7d2cdc5eccf4ebf28b7bd043f8bf369 | Triage

Sharing

General

Target

048f22bdf06832b16510b5d5d0e8ff15_JaffaCakes118
Size

806KB
Sample

240428-g37jtaab3v
MD5

048f22bdf06832b16510b5d5d0e8ff15
SHA1

fe55c2fe5bb4fff2c101d844010a8ff19d6bf618
SHA256

ddf7fc0101f045e7f1b9966d52bcb37fb7d2cdc5eccf4ebf28b7bd043f8bf369
SHA512

c87c68e006a4fdbaa93e3d1a842a4912b5a3a28d01fcf5652438132a90d176580ca94d5b9ebed6431ca02b0790ea799daecd8aadd587c53ea0ad58354415171e
SSDEEP

12288:7Fg7mI44fThgeamepW0FuJeEK+74QnDtIV0H61gslsWfb8s9haqYmfJuDc22iw:Rg7meX2KeEK04Qn0OOsqXT/xR2Bw

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  048f22bdf06832b16510b5d5d0e8ff15_JaffaCakes118
- Size
  
  806KB
- MD5
  
  048f22bdf06832b16510b5d5d0e8ff15
- SHA1
  
  fe55c2fe5bb4fff2c101d844010a8ff19d6bf618
- SHA256
  
  ddf7fc0101f045e7f1b9966d52bcb37fb7d2cdc5eccf4ebf28b7bd043f8bf369
- SHA512
  
  c87c68e006a4fdbaa93e3d1a842a4912b5a3a28d01fcf5652438132a90d176580ca94d5b9ebed6431ca02b0790ea799daecd8aadd587c53ea0ad58354415171e
- SSDEEP
  
  12288:7Fg7mI44fThgeamepW0FuJeEK+74QnDtIV0H61gslsWfb8s9haqYmfJuDc22iw:Rg7meX2KeEK04Qn0OOsqXT/xR2Bw
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan