ff99dd7610653014a0c5b232de427a14192cdc2d3d65e38a4083a4ff0475273b | Triage

Sharing

General

Target

03c92bdf8c0449ee16838f6bdfc9a0b1_JaffaCakes118
Size

1.2MB
Sample

240427-2kg7esad9t
MD5

03c92bdf8c0449ee16838f6bdfc9a0b1
SHA1

d4b1a71f8b33dcaca5cded3dd5289e869b6e5ec2
SHA256

ff99dd7610653014a0c5b232de427a14192cdc2d3d65e38a4083a4ff0475273b
SHA512

07a4b8d0f079902e70d14e7bf57af638bb9ea147f917e5e6055f94d7564ba2e2c0926b546fb7761a0b47c75f493d0ac4860c6541e274446eb5284341f803691b
SSDEEP

24576:WfQIgBxEJAXw4y/Sgp4H2IkD9gHdyWjnpVzlN1x:HICSAw4kOvkD9YdBzDzl5

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  03c92bdf8c0449ee16838f6bdfc9a0b1_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  03c92bdf8c0449ee16838f6bdfc9a0b1
- SHA1
  
  d4b1a71f8b33dcaca5cded3dd5289e869b6e5ec2
- SHA256
  
  ff99dd7610653014a0c5b232de427a14192cdc2d3d65e38a4083a4ff0475273b
- SHA512
  
  07a4b8d0f079902e70d14e7bf57af638bb9ea147f917e5e6055f94d7564ba2e2c0926b546fb7761a0b47c75f493d0ac4860c6541e274446eb5284341f803691b
- SSDEEP
  
  24576:WfQIgBxEJAXw4y/Sgp4H2IkD9gHdyWjnpVzlN1x:HICSAw4kOvkD9YdBzDzl5
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan