893714d3598705d8d9aded48b9c0b4c8cd33d478e1c6ba5591b7ba822c5409aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

104fe925bbe9b53e47cbea4880b47061_JaffaCakes118
Size

845KB
Sample

240503-mmlv3aef45
MD5

104fe925bbe9b53e47cbea4880b47061
SHA1

5f5e9f8ca522979b95e642753a7ea62671003bc7
SHA256

893714d3598705d8d9aded48b9c0b4c8cd33d478e1c6ba5591b7ba822c5409aa
SHA512

61f8b109003160792c750decc9368ecee206c1995007e87ca5cf419bebf40b8105580781e7c33d9d550d4eb70ddeca4d70e8cc79e0e4bd356221f23658b49aa4
SSDEEP

24576:lj6P5YwqkbS98E5O5hYMth9rW/cmUu5n+DnQzwMhu76P:Syw1s58FvWUmUq+D0wMhumP

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  104fe925bbe9b53e47cbea4880b47061_JaffaCakes118
- Size
  
  845KB
- MD5
  
  104fe925bbe9b53e47cbea4880b47061
- SHA1
  
  5f5e9f8ca522979b95e642753a7ea62671003bc7
- SHA256
  
  893714d3598705d8d9aded48b9c0b4c8cd33d478e1c6ba5591b7ba822c5409aa
- SHA512
  
  61f8b109003160792c750decc9368ecee206c1995007e87ca5cf419bebf40b8105580781e7c33d9d550d4eb70ddeca4d70e8cc79e0e4bd356221f23658b49aa4
- SSDEEP
  
  24576:lj6P5YwqkbS98E5O5hYMth9rW/cmUu5n+DnQzwMhu76P:Syw1s58FvWUmUq+D0wMhumP
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan