fe23375c7b3262b6cc2383ba1855d1e7979f0f2fd7dbf0e6aaded7378d559ad5 | Triage

Sharing

General

Target

041320eed27d622590a03e55c7779b28_JaffaCakes118
Size

1.0MB
Sample

240428-bwebssda76
MD5

041320eed27d622590a03e55c7779b28
SHA1

d19bb4061bd906d2dac0792eb1e412efeefdf709
SHA256

fe23375c7b3262b6cc2383ba1855d1e7979f0f2fd7dbf0e6aaded7378d559ad5
SHA512

ab25b81ebf9ef0ba085ddec78da9d917154391d9a53a2404763be596a6bfa8132baacebc48c79b0ab68447ee6e0589d50dba3d1d7fcf88bc7af300599cb2c021
SSDEEP

24576:mbWqYOZVjrj27/scY/71eOrvo3pmPPyB8eGiQq:mbWqdr67kcY/JRA36yB8exp

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  041320eed27d622590a03e55c7779b28_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  041320eed27d622590a03e55c7779b28
- SHA1
  
  d19bb4061bd906d2dac0792eb1e412efeefdf709
- SHA256
  
  fe23375c7b3262b6cc2383ba1855d1e7979f0f2fd7dbf0e6aaded7378d559ad5
- SHA512
  
  ab25b81ebf9ef0ba085ddec78da9d917154391d9a53a2404763be596a6bfa8132baacebc48c79b0ab68447ee6e0589d50dba3d1d7fcf88bc7af300599cb2c021
- SSDEEP
  
  24576:mbWqYOZVjrj27/scY/71eOrvo3pmPPyB8eGiQq:mbWqdr67kcY/JRA36yB8exp
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan