7716e7a23f161c39f967f49979be206912ce2550894686488ed5f3dd819c9063 | Triage

Sharing

General

Target

04f39e5b8e6b4e609dc7f7ee997423ac_JaffaCakes118
Size

812KB
Sample

240428-l6hgbade3y
MD5

04f39e5b8e6b4e609dc7f7ee997423ac
SHA1

18f88b76e7b2d7c12314c38b05fa903d7b6bdd43
SHA256

7716e7a23f161c39f967f49979be206912ce2550894686488ed5f3dd819c9063
SHA512

89aad354d2e96cd02e8988499ae97fce204baf5e26e2375be339add029136913f5183d246611c25a19410504ac8319de03aa03b791a00dcad25e13d44d8e7f21
SSDEEP

24576:4P10v58x2wwXwDgKKVApjcuqz3OTfGpgsAum:4NU580wwB5VYOIApm

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04f39e5b8e6b4e609dc7f7ee997423ac_JaffaCakes118
- Size
  
  812KB
- MD5
  
  04f39e5b8e6b4e609dc7f7ee997423ac
- SHA1
  
  18f88b76e7b2d7c12314c38b05fa903d7b6bdd43
- SHA256
  
  7716e7a23f161c39f967f49979be206912ce2550894686488ed5f3dd819c9063
- SHA512
  
  89aad354d2e96cd02e8988499ae97fce204baf5e26e2375be339add029136913f5183d246611c25a19410504ac8319de03aa03b791a00dcad25e13d44d8e7f21
- SSDEEP
  
  24576:4P10v58x2wwXwDgKKVApjcuqz3OTfGpgsAum:4NU580wwB5VYOIApm
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan