045f1ab4c76a36d18341435c08e7f79a3db4489bc12a1c965fb611b565cbf1bb | Triage

Sharing

General

Target

11a2e4238962f65537ad76283187bd8a_JaffaCakes118
Size

764KB
Sample

240504-h2zcgshh66
MD5

11a2e4238962f65537ad76283187bd8a
SHA1

bde705d7585cb666a757462feff5bfa75a001c57
SHA256

045f1ab4c76a36d18341435c08e7f79a3db4489bc12a1c965fb611b565cbf1bb
SHA512

a384c8181ef7b9647dc2cc6f9f8191f2fdc6e2824554e9d522cff44269eeba346a6ddec8729a9bc23645294cd598d89acaacc92821299cf02479591c27374c73
SSDEEP

12288:VWnOH+Te8iy5nc08qcsH3ljcyv1VCH4e4McMzMnwn/a7iC/VwU/e1s:VmjbT8q7VrtwWBMzDndCNHW1s

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  11a2e4238962f65537ad76283187bd8a_JaffaCakes118
- Size
  
  764KB
- MD5
  
  11a2e4238962f65537ad76283187bd8a
- SHA1
  
  bde705d7585cb666a757462feff5bfa75a001c57
- SHA256
  
  045f1ab4c76a36d18341435c08e7f79a3db4489bc12a1c965fb611b565cbf1bb
- SHA512
  
  a384c8181ef7b9647dc2cc6f9f8191f2fdc6e2824554e9d522cff44269eeba346a6ddec8729a9bc23645294cd598d89acaacc92821299cf02479591c27374c73
- SSDEEP
  
  12288:VWnOH+Te8iy5nc08qcsH3ljcyv1VCH4e4McMzMnwn/a7iC/VwU/e1s:VmjbT8q7VrtwWBMzDndCNHW1s
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2