f218baff2056d45d2afbd045ac7b1e5b038537fd0d563a09c4c7fe46debd87b4 | Triage

Sharing

General

Target

043f65f12d070d1c0a97cd3056289101_JaffaCakes118
Size

881KB
Sample

240428-dplteaeg72
MD5

043f65f12d070d1c0a97cd3056289101
SHA1

dde39147aa2aceae80aa25329fd93b61b8283826
SHA256

f218baff2056d45d2afbd045ac7b1e5b038537fd0d563a09c4c7fe46debd87b4
SHA512

d7be16f114b43de3ae8e126564bfb8dd40165d911088317e934a462636fe551b1a0af5bebae7822a64375829991e2717d0eb1f7cd7a5b4db095aa0a83cb7421a
SSDEEP

12288:5UYapIDCZyVTP2iQLieqPojGImjEYongZKD39Tm6bNGgdAv4nijXo7vXjX3cNS9t:S7d2TP2LMIkk35makKWafbWJZg1lDJ

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  043f65f12d070d1c0a97cd3056289101_JaffaCakes118
- Size
  
  881KB
- MD5
  
  043f65f12d070d1c0a97cd3056289101
- SHA1
  
  dde39147aa2aceae80aa25329fd93b61b8283826
- SHA256
  
  f218baff2056d45d2afbd045ac7b1e5b038537fd0d563a09c4c7fe46debd87b4
- SHA512
  
  d7be16f114b43de3ae8e126564bfb8dd40165d911088317e934a462636fe551b1a0af5bebae7822a64375829991e2717d0eb1f7cd7a5b4db095aa0a83cb7421a
- SSDEEP
  
  12288:5UYapIDCZyVTP2iQLieqPojGImjEYongZKD39Tm6bNGgdAv4nijXo7vXjX3cNS9t:S7d2TP2LMIkk35makKWafbWJZg1lDJ
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2