81b57fcff2f7e6101e824b84896a7c5c12f68917976e57d07e409d311e3d28b2 | Triage

Sharing

General

Target

04c45b0ff114bd463f59d809503f3595_JaffaCakes118
Size

815KB
Sample

240428-j9xdjabg9v
MD5

04c45b0ff114bd463f59d809503f3595
SHA1

cd058e3c81b2f9f2af4890d4e5f05d7b75410214
SHA256

81b57fcff2f7e6101e824b84896a7c5c12f68917976e57d07e409d311e3d28b2
SHA512

e2d487de09089e509257085d97cb9071cd6954f31cb045ea96cb4427fffc2692e8810f9d56b0460411daaa9f0339c0a3894d8bc2c6a1a31d196df04f41827b36
SSDEEP

24576:tC4BahshHNKYx3BZ6VsRPDtzNK2JNOKqfSIZ+YcZct:tCHsJp3dN5xqKrNqt

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04c45b0ff114bd463f59d809503f3595_JaffaCakes118
- Size
  
  815KB
- MD5
  
  04c45b0ff114bd463f59d809503f3595
- SHA1
  
  cd058e3c81b2f9f2af4890d4e5f05d7b75410214
- SHA256
  
  81b57fcff2f7e6101e824b84896a7c5c12f68917976e57d07e409d311e3d28b2
- SHA512
  
  e2d487de09089e509257085d97cb9071cd6954f31cb045ea96cb4427fffc2692e8810f9d56b0460411daaa9f0339c0a3894d8bc2c6a1a31d196df04f41827b36
- SSDEEP
  
  24576:tC4BahshHNKYx3BZ6VsRPDtzNK2JNOKqfSIZ+YcZct:tCHsJp3dN5xqKrNqt
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan