068caef49e769fd672935f7ceb3ac13140a62a336b43ee541e56800bfa434f21 | Triage

Sharing

General

Target

0431333d2130076c0abaa4ef796c6d12_JaffaCakes118
Size

825KB
Sample

240428-c342gaed25
MD5

0431333d2130076c0abaa4ef796c6d12
SHA1

338cd63a31f43e576ec7c01485e35c23dc297d8c
SHA256

068caef49e769fd672935f7ceb3ac13140a62a336b43ee541e56800bfa434f21
SHA512

c39c7a709b9f3b5bd9b0264e4a0cbc9fccf91ce4f4bbf83d199987946bb738dd4e49cb5cb0a986f4ac6f9ac6bb3093ba2bf8fa87fe19032e8d6198d63e6e6014
SSDEEP

24576:QmCsNEbhKyZC/ceBpLheuL56e8UFMkYGwK6WbtHGIAc:QmnNEoyZteBpLom9Z3Ylc

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  0431333d2130076c0abaa4ef796c6d12_JaffaCakes118
- Size
  
  825KB
- MD5
  
  0431333d2130076c0abaa4ef796c6d12
- SHA1
  
  338cd63a31f43e576ec7c01485e35c23dc297d8c
- SHA256
  
  068caef49e769fd672935f7ceb3ac13140a62a336b43ee541e56800bfa434f21
- SHA512
  
  c39c7a709b9f3b5bd9b0264e4a0cbc9fccf91ce4f4bbf83d199987946bb738dd4e49cb5cb0a986f4ac6f9ac6bb3093ba2bf8fa87fe19032e8d6198d63e6e6014
- SSDEEP
  
  24576:QmCsNEbhKyZC/ceBpLheuL56e8UFMkYGwK6WbtHGIAc:QmnNEoyZteBpLom9Z3Ylc
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan