fd756b88a22af2153f45c347bebf235ffa8cb0046d77af4bd5d7e1bba43cdeb5 | Triage

Sharing

General

Target

04e2aa8c776495fe9094d9c5902b3ade_JaffaCakes118
Size

806KB
Sample

240428-lhsmdacf86
MD5

04e2aa8c776495fe9094d9c5902b3ade
SHA1

c46a4db5749df4b989264dcfee05ca3a10de0c7f
SHA256

fd756b88a22af2153f45c347bebf235ffa8cb0046d77af4bd5d7e1bba43cdeb5
SHA512

1fee716e368a7ce858eec0075398c45bcbd55d6a1f324024553e3e8ed3233a6b2b7049a31155c6da0862dad6bab19fb5fb759b6bf61ae66d2e5c9f546a41063d
SSDEEP

12288:Z1C8oKtcaS9Lc5AVSFexQANHljM5SfzJSPDYIxVOjGDLrC0Gf637Fql6R:bC8Sq5AiAQqHljzzJIcCvrYy546R

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  04e2aa8c776495fe9094d9c5902b3ade_JaffaCakes118
- Size
  
  806KB
- MD5
  
  04e2aa8c776495fe9094d9c5902b3ade
- SHA1
  
  c46a4db5749df4b989264dcfee05ca3a10de0c7f
- SHA256
  
  fd756b88a22af2153f45c347bebf235ffa8cb0046d77af4bd5d7e1bba43cdeb5
- SHA512
  
  1fee716e368a7ce858eec0075398c45bcbd55d6a1f324024553e3e8ed3233a6b2b7049a31155c6da0862dad6bab19fb5fb759b6bf61ae66d2e5c9f546a41063d
- SSDEEP
  
  12288:Z1C8oKtcaS9Lc5AVSFexQANHljM5SfzJSPDYIxVOjGDLrC0Gf637Fql6R:bC8Sq5AiAQqHljzzJIcCvrYy546R
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan