3e24fa5fa7c8b72e9b90920c0bf6cab89df0e644db7bf2d46f08ed5f4837ef32 | Triage

Sharing

General

Target

02c9ed63dcd2090668da7f4171a6a7ec_JaffaCakes118
Size

789KB
Sample

240427-jythhafa5w
MD5

02c9ed63dcd2090668da7f4171a6a7ec
SHA1

7efc5ea2a8d8585a5613f0aa445fac2ff3f64964
SHA256

3e24fa5fa7c8b72e9b90920c0bf6cab89df0e644db7bf2d46f08ed5f4837ef32
SHA512

a7250ef283d3950a5910074c8c52dbc1b15d205a50087f6cda744aa65831bb21ce8347bb4574ae20b9f38d0f568eae3ec052efabf7ce2541f03208c8bf239d15
SSDEEP

24576:QnLY/2yO+QMug70qFOXKPkWvsXiKawAei:Qn0/uPMF7pFKWUybwvi

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  02c9ed63dcd2090668da7f4171a6a7ec_JaffaCakes118
- Size
  
  789KB
- MD5
  
  02c9ed63dcd2090668da7f4171a6a7ec
- SHA1
  
  7efc5ea2a8d8585a5613f0aa445fac2ff3f64964
- SHA256
  
  3e24fa5fa7c8b72e9b90920c0bf6cab89df0e644db7bf2d46f08ed5f4837ef32
- SHA512
  
  a7250ef283d3950a5910074c8c52dbc1b15d205a50087f6cda744aa65831bb21ce8347bb4574ae20b9f38d0f568eae3ec052efabf7ce2541f03208c8bf239d15
- SSDEEP
  
  24576:QnLY/2yO+QMug70qFOXKPkWvsXiKawAei:Qn0/uPMF7pFKWUybwvi
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan