60fa92bd3075f82ac560bd255dcc05b1c6b2db1dbff3892510c2dd2ef9a8f90b | Triage

Sharing

General

Target

02bb609f1c76317846738f59944e0cf9_JaffaCakes118
Size

852KB
Sample

240427-jd9zraee9s
MD5

02bb609f1c76317846738f59944e0cf9
SHA1

7aee3f752ae2327555bc35e09ae03214cbdc0a46
SHA256

60fa92bd3075f82ac560bd255dcc05b1c6b2db1dbff3892510c2dd2ef9a8f90b
SHA512

666b0bc9af724d39be858d28f654a7d988bc59b24981d4fa35de7e31aaf3418bca9d14f72964b82b0daf9af03cc5ce4683477074274f240b3a7e28f94fdd3d77
SSDEEP

24576:tJVL0LGEy20CzORLYodREh+NNeIPWatce:tJl0LGLCz70Eh+NNqe

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  02bb609f1c76317846738f59944e0cf9_JaffaCakes118
- Size
  
  852KB
- MD5
  
  02bb609f1c76317846738f59944e0cf9
- SHA1
  
  7aee3f752ae2327555bc35e09ae03214cbdc0a46
- SHA256
  
  60fa92bd3075f82ac560bd255dcc05b1c6b2db1dbff3892510c2dd2ef9a8f90b
- SHA512
  
  666b0bc9af724d39be858d28f654a7d988bc59b24981d4fa35de7e31aaf3418bca9d14f72964b82b0daf9af03cc5ce4683477074274f240b3a7e28f94fdd3d77
- SSDEEP
  
  24576:tJVL0LGEy20CzORLYodREh+NNeIPWatce:tJl0LGLCz70Eh+NNqe
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan