af45320d01b199efd9e7550d70a9a3ed32e362a60ffd9ec1bc265999213facf5 | Triage

Sharing

General

Target

05672b0c502360408642a5a685eef8f6_JaffaCakes118
Size

1.3MB
Sample

240428-rwkftaab61
MD5

05672b0c502360408642a5a685eef8f6
SHA1

9ad71de68d42235642f42f8e1ffdab4c42b1d3e5
SHA256

af45320d01b199efd9e7550d70a9a3ed32e362a60ffd9ec1bc265999213facf5
SHA512

b04447770025cc912379ca49b2a89d0967e5608d745652b540711b254b44b26734303e86b240261008c6a8c5b763bf1e8ef3b287e440fe36e07d1f54d84515db
SSDEEP

24576:bBuZysoKR5Vagt/0zuBoGmr8K9hZ/KcMNQtJ1P5kchRwXqt4:bBuZysoKRmgt0SeGU8gZ/UNQtJ1hkchh

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  05672b0c502360408642a5a685eef8f6_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  05672b0c502360408642a5a685eef8f6
- SHA1
  
  9ad71de68d42235642f42f8e1ffdab4c42b1d3e5
- SHA256
  
  af45320d01b199efd9e7550d70a9a3ed32e362a60ffd9ec1bc265999213facf5
- SHA512
  
  b04447770025cc912379ca49b2a89d0967e5608d745652b540711b254b44b26734303e86b240261008c6a8c5b763bf1e8ef3b287e440fe36e07d1f54d84515db
- SSDEEP
  
  24576:bBuZysoKR5Vagt/0zuBoGmr8K9hZ/KcMNQtJ1P5kchRwXqt4:bBuZysoKRmgt0SeGU8gZ/UNQtJ1hkchh
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan