51d4c1bf2e1d22036bc24f63730008f36dbec99bc24bfebde22143f13e535e30 | Triage

Sharing

General

Target

04a6c69104196e803dd59d4d94865846_JaffaCakes118
Size

793KB
Sample

240428-h2rbwaah5x
MD5

04a6c69104196e803dd59d4d94865846
SHA1

f0663edd6b1a9b8f3c06c626d21284f2b6f3b0bf
SHA256

51d4c1bf2e1d22036bc24f63730008f36dbec99bc24bfebde22143f13e535e30
SHA512

620af5851112471ce1b37a4fd952ddccb135dc31cb1bf037cda2d8986ca1921af262152f4403ffcb6e483271296c18955f4f0583b83e1795a66bc47e8b49dc22
SSDEEP

24576:QJHnS5GfKNSOlcTflx0/JkbaUfbw6ZroKXzY:QJHS5NSOlcTfLWJ3UVZUyY

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04a6c69104196e803dd59d4d94865846_JaffaCakes118
- Size
  
  793KB
- MD5
  
  04a6c69104196e803dd59d4d94865846
- SHA1
  
  f0663edd6b1a9b8f3c06c626d21284f2b6f3b0bf
- SHA256
  
  51d4c1bf2e1d22036bc24f63730008f36dbec99bc24bfebde22143f13e535e30
- SHA512
  
  620af5851112471ce1b37a4fd952ddccb135dc31cb1bf037cda2d8986ca1921af262152f4403ffcb6e483271296c18955f4f0583b83e1795a66bc47e8b49dc22
- SSDEEP
  
  24576:QJHnS5GfKNSOlcTflx0/JkbaUfbw6ZroKXzY:QJHS5NSOlcTfLWJ3UVZUyY
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan