ad9250303df351abb621656c21a6930f04979acd7d99ecd8d78b830c0bec93a4 | Triage

Sharing

General

Target

04cf16626c0e05ffbd7005284e0b6342_JaffaCakes118
Size

811KB
Sample

240428-kpxz1aca59
MD5

04cf16626c0e05ffbd7005284e0b6342
SHA1

caf7ef29d36ffa7bc35b665aefa289797ddf839a
SHA256

ad9250303df351abb621656c21a6930f04979acd7d99ecd8d78b830c0bec93a4
SHA512

49097090fb4159f90ca176ffaf61466393ace8beace8163565d513854f5f29facd92ac910770f760ab3b82204704541ff6d3c4f663d5259551a70f750c35110d
SSDEEP

24576:fDE/mpxqhMeLQfZzngODzj+0kUQVrh3nr:LUmpEWTf6ODzjZRWXr

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04cf16626c0e05ffbd7005284e0b6342_JaffaCakes118
- Size
  
  811KB
- MD5
  
  04cf16626c0e05ffbd7005284e0b6342
- SHA1
  
  caf7ef29d36ffa7bc35b665aefa289797ddf839a
- SHA256
  
  ad9250303df351abb621656c21a6930f04979acd7d99ecd8d78b830c0bec93a4
- SHA512
  
  49097090fb4159f90ca176ffaf61466393ace8beace8163565d513854f5f29facd92ac910770f760ab3b82204704541ff6d3c4f663d5259551a70f750c35110d
- SSDEEP
  
  24576:fDE/mpxqhMeLQfZzngODzj+0kUQVrh3nr:LUmpEWTf6ODzjZRWXr
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan