eebf647716c7beaf0b7ca30fae008824bdd9a1bb3ae1c6fa82d05fb04259790f | Triage

Sharing

General

Target

04982c3500204046a118c8ff6eb53f71_JaffaCakes118
Size

852KB
Sample

240428-hgglyaac33
MD5

04982c3500204046a118c8ff6eb53f71
SHA1

6d3ac25b5713ea83c4d1d37d8f4e86dab2a2ead6
SHA256

eebf647716c7beaf0b7ca30fae008824bdd9a1bb3ae1c6fa82d05fb04259790f
SHA512

7dbbe09ae6e8ee480fb4c6ac17281f8ceac8cbdee0f0fdada751b4ff9ef0a9602590afd49029500b1c5306a8da372a7a86d9d05bbcd315e4a6e6fb3b73da6c8a
SSDEEP

24576:fJVL0pQEy2ZtDeV1DDmqEvtesUngYIFBK37kTgycL:fJl0pQ45eV1D6zvzgl6CRL

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04982c3500204046a118c8ff6eb53f71_JaffaCakes118
- Size
  
  852KB
- MD5
  
  04982c3500204046a118c8ff6eb53f71
- SHA1
  
  6d3ac25b5713ea83c4d1d37d8f4e86dab2a2ead6
- SHA256
  
  eebf647716c7beaf0b7ca30fae008824bdd9a1bb3ae1c6fa82d05fb04259790f
- SHA512
  
  7dbbe09ae6e8ee480fb4c6ac17281f8ceac8cbdee0f0fdada751b4ff9ef0a9602590afd49029500b1c5306a8da372a7a86d9d05bbcd315e4a6e6fb3b73da6c8a
- SSDEEP
  
  24576:fJVL0pQEy2ZtDeV1DDmqEvtesUngYIFBK37kTgycL:fJl0pQ45eV1D6zvzgl6CRL
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan