7ced52d54959185c55dd8b93e82a8a4b45395aad4db250bbdbbbadffd4896fdc | Triage

Sharing

General

Target

041a3715a80f081e706ab62b13f8343a_JaffaCakes118
Size

817KB
Sample

240428-b7djmsdd93
MD5

041a3715a80f081e706ab62b13f8343a
SHA1

92351c0cf7c89e08ed2792b08f1f30b5f273bd17
SHA256

7ced52d54959185c55dd8b93e82a8a4b45395aad4db250bbdbbbadffd4896fdc
SHA512

9e6bad75858e6b468eab8cb5ab598a72ec57bdf270fdc71c0cb4fbcb0eca6e7a5df9b416abc06962bd473847c5adfb3fb4e9c03e8050e0894203847ef602e85a
SSDEEP

24576:q1qN0Zjj7Rt6tG2XiXsd87twu79Y6Tq2UmnR:Bk7Rt6tGyi8q75zTFR

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  041a3715a80f081e706ab62b13f8343a_JaffaCakes118
- Size
  
  817KB
- MD5
  
  041a3715a80f081e706ab62b13f8343a
- SHA1
  
  92351c0cf7c89e08ed2792b08f1f30b5f273bd17
- SHA256
  
  7ced52d54959185c55dd8b93e82a8a4b45395aad4db250bbdbbbadffd4896fdc
- SHA512
  
  9e6bad75858e6b468eab8cb5ab598a72ec57bdf270fdc71c0cb4fbcb0eca6e7a5df9b416abc06962bd473847c5adfb3fb4e9c03e8050e0894203847ef602e85a
- SSDEEP
  
  24576:q1qN0Zjj7Rt6tG2XiXsd87twu79Y6Tq2UmnR:Bk7Rt6tGyi8q75zTFR
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan