842db0c067f47c6436747d17c66e36224787233a763847aea00174235e94007f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c88dbb418373059504d7642f7418fc7_JaffaCakes118
Size

887KB
Sample

240501-w7g72sff47
MD5

0c88dbb418373059504d7642f7418fc7
SHA1

27a9fd0e98d1b83b069bf6bec0183260948d496a
SHA256

842db0c067f47c6436747d17c66e36224787233a763847aea00174235e94007f
SHA512

5b8884e8c62b7dd06cf14c0c889f12bf477dbcbf882ea0131a89d7b78286dd2ac108fbae735f3f815128deeca8f60100eb9bf4a9f9d7fb3f63a5cc9feaf99a48
SSDEEP

24576:EnYQwZ9OR7FvM5+t97HzpVL6xRkrpCJdlEOQg:EnYQPRJM5+t97TpZ6fCK87g

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  0c88dbb418373059504d7642f7418fc7_JaffaCakes118
- Size
  
  887KB
- MD5
  
  0c88dbb418373059504d7642f7418fc7
- SHA1
  
  27a9fd0e98d1b83b069bf6bec0183260948d496a
- SHA256
  
  842db0c067f47c6436747d17c66e36224787233a763847aea00174235e94007f
- SHA512
  
  5b8884e8c62b7dd06cf14c0c889f12bf477dbcbf882ea0131a89d7b78286dd2ac108fbae735f3f815128deeca8f60100eb9bf4a9f9d7fb3f63a5cc9feaf99a48
- SSDEEP
  
  24576:EnYQwZ9OR7FvM5+t97HzpVL6xRkrpCJdlEOQg:EnYQPRJM5+t97TpZ6fCK87g
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2