7ee6299e8b4ff4a6f351ce8b624ee505c77ed67774e8368820765492c6dde710 | Triage

Sharing

General

Target

04d8d841bcea0e31873794d684135a37_JaffaCakes118
Size

820KB
Sample

240428-k39kysce7w
MD5

04d8d841bcea0e31873794d684135a37
SHA1

cf9bda56da5b3c2891f9b3ee166dc44578c13314
SHA256

7ee6299e8b4ff4a6f351ce8b624ee505c77ed67774e8368820765492c6dde710
SHA512

67319773a398ccee102ca739e60b4f064840e512d1e6739096f72cabf8210dbd1f8fd7e114bf87bfeadcad2099fbe7a3cf0fcd2bc379e3e2b7fda46e669b9d23
SSDEEP

24576:LmTuGywlrjdtQR8/MCyaVUvF7gMEOmNGpVn0A:UuGHdthM/TtlEv/A

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04d8d841bcea0e31873794d684135a37_JaffaCakes118
- Size
  
  820KB
- MD5
  
  04d8d841bcea0e31873794d684135a37
- SHA1
  
  cf9bda56da5b3c2891f9b3ee166dc44578c13314
- SHA256
  
  7ee6299e8b4ff4a6f351ce8b624ee505c77ed67774e8368820765492c6dde710
- SHA512
  
  67319773a398ccee102ca739e60b4f064840e512d1e6739096f72cabf8210dbd1f8fd7e114bf87bfeadcad2099fbe7a3cf0fcd2bc379e3e2b7fda46e669b9d23
- SSDEEP
  
  24576:LmTuGywlrjdtQR8/MCyaVUvF7gMEOmNGpVn0A:UuGHdthM/TtlEv/A
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan