6297dd4366d44d992a371eccf3300dac659ce8801037c201f6abd1e1d5cdfe90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

089dee611ca6f7c8d4b062846d05f9cf_JaffaCakes118
Size

871KB
Sample

240430-ayhassfa55
MD5

089dee611ca6f7c8d4b062846d05f9cf
SHA1

c3a1dcc27b0539550fc10064f5ce1c64f18717e8
SHA256

6297dd4366d44d992a371eccf3300dac659ce8801037c201f6abd1e1d5cdfe90
SHA512

c153f749d42afdc73b8a5d8a9d6e5e14e2342b2bdb2faf8809910754db592caa367a257d2be863f2aed9a615a56e976944c378c822be6dcd6b7e342fc32976a1
SSDEEP

24576:XwxWougXQlHXuOcdfHAyKqcM17OasZYC6Y9FyGRmib1:XwxZbX0uOaf7KFgPtmFzN1

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  089dee611ca6f7c8d4b062846d05f9cf_JaffaCakes118
- Size
  
  871KB
- MD5
  
  089dee611ca6f7c8d4b062846d05f9cf
- SHA1
  
  c3a1dcc27b0539550fc10064f5ce1c64f18717e8
- SHA256
  
  6297dd4366d44d992a371eccf3300dac659ce8801037c201f6abd1e1d5cdfe90
- SHA512
  
  c153f749d42afdc73b8a5d8a9d6e5e14e2342b2bdb2faf8809910754db592caa367a257d2be863f2aed9a615a56e976944c378c822be6dcd6b7e342fc32976a1
- SSDEEP
  
  24576:XwxWougXQlHXuOcdfHAyKqcM17OasZYC6Y9FyGRmib1:XwxZbX0uOaf7KFgPtmFzN1
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2