8fe52e1d8bb52d2add3839b1a087497090013ad124fc069d8c7519e75b6f7ba5 | Triage

Sharing

General

Target

096e54edec20fb27ae1b2b83c21a51d5_JaffaCakes118
Size

847KB
Sample

240430-kcbk8sgc52
MD5

096e54edec20fb27ae1b2b83c21a51d5
SHA1

44b1db50d6ab6fa4a570ced67be7544bb7fd8363
SHA256

8fe52e1d8bb52d2add3839b1a087497090013ad124fc069d8c7519e75b6f7ba5
SHA512

9b36facf979a9c5fb952611fbabe9bae6b336da915f700af077f608dca2e0286997f2493956f091380c1fd58801433ec1f599ed05cf06125205b9ca8e4061e48
SSDEEP

12288:4hz1Qa+NliGBpDjacO0SUq5ay2Id18Huv5lPWr6POPcE7t9r7Px65cYaokC4IRso:4zXuZ8qEta05lPlq777x66nE+B0p0fq

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  096e54edec20fb27ae1b2b83c21a51d5_JaffaCakes118
- Size
  
  847KB
- MD5
  
  096e54edec20fb27ae1b2b83c21a51d5
- SHA1
  
  44b1db50d6ab6fa4a570ced67be7544bb7fd8363
- SHA256
  
  8fe52e1d8bb52d2add3839b1a087497090013ad124fc069d8c7519e75b6f7ba5
- SHA512
  
  9b36facf979a9c5fb952611fbabe9bae6b336da915f700af077f608dca2e0286997f2493956f091380c1fd58801433ec1f599ed05cf06125205b9ca8e4061e48
- SSDEEP
  
  12288:4hz1Qa+NliGBpDjacO0SUq5ay2Id18Huv5lPWr6POPcE7t9r7Px65cYaokC4IRso:4zXuZ8qEta05lPlq777x66nE+B0p0fq
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan