8a374b1645017ee54c99cbab3dc138dd4d99c5521a98c0ae76653ec92ea9869d | Triage

Sharing

General

Target

04ac9a21df5c720475627acf4f71ebc7_JaffaCakes118
Size

977KB
Sample

240428-jbfm5aah58
MD5

04ac9a21df5c720475627acf4f71ebc7
SHA1

2443054c9c566a8aab582aa569f460faea7e8350
SHA256

8a374b1645017ee54c99cbab3dc138dd4d99c5521a98c0ae76653ec92ea9869d
SHA512

0c695982277591a7f18cf5d25563de9ffcc957873558c87904d1391d3887a784330ab8f3d864a385273f96bbe9fd8eee485eade7176f677b2706f478501890b5
SSDEEP

24576:UcuMxGHHm9gVG2yFArZPjUe2eQkMAA1xUfJAUbkO5Cn3TweM:UcuM8n9VRy9e2vk01xFExW3Ty

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04ac9a21df5c720475627acf4f71ebc7_JaffaCakes118
- Size
  
  977KB
- MD5
  
  04ac9a21df5c720475627acf4f71ebc7
- SHA1
  
  2443054c9c566a8aab582aa569f460faea7e8350
- SHA256
  
  8a374b1645017ee54c99cbab3dc138dd4d99c5521a98c0ae76653ec92ea9869d
- SHA512
  
  0c695982277591a7f18cf5d25563de9ffcc957873558c87904d1391d3887a784330ab8f3d864a385273f96bbe9fd8eee485eade7176f677b2706f478501890b5
- SSDEEP
  
  24576:UcuMxGHHm9gVG2yFArZPjUe2eQkMAA1xUfJAUbkO5Cn3TweM:UcuM8n9VRy9e2vk01xFExW3Ty
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan