d101df18c45200fec3b54f9e6e4979b2489a56ccb6e7546f12fc14a9a0cb396c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06c4f7970549889b2b261e4fe2da1b7c_JaffaCakes118
Size

870KB
Sample

240429-ejqqvahg4t
MD5

06c4f7970549889b2b261e4fe2da1b7c
SHA1

0d868da8236369d48dcfaa74c1cb49911c6b8f8a
SHA256

d101df18c45200fec3b54f9e6e4979b2489a56ccb6e7546f12fc14a9a0cb396c
SHA512

9747f01412e3b6697a47ad065f42830e0ca3c34ec144ac14b70092aba235faea2e79acb0703c205ad35ad673596f099a24fb3def7e7082d8ce1e22e5aabd4ee3
SSDEEP

24576:/bIwqsL3BIk0ZJ4opPDIDFazYc+S5ydBcyZ:/bIvsL36kCJROZXRSkhZ

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  06c4f7970549889b2b261e4fe2da1b7c_JaffaCakes118
- Size
  
  870KB
- MD5
  
  06c4f7970549889b2b261e4fe2da1b7c
- SHA1
  
  0d868da8236369d48dcfaa74c1cb49911c6b8f8a
- SHA256
  
  d101df18c45200fec3b54f9e6e4979b2489a56ccb6e7546f12fc14a9a0cb396c
- SHA512
  
  9747f01412e3b6697a47ad065f42830e0ca3c34ec144ac14b70092aba235faea2e79acb0703c205ad35ad673596f099a24fb3def7e7082d8ce1e22e5aabd4ee3
- SSDEEP
  
  24576:/bIwqsL3BIk0ZJ4opPDIDFazYc+S5ydBcyZ:/bIvsL36kCJROZXRSkhZ
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2