e40cf8b8bf5e60a24fe4e0a2cc38da3fb3fb1441aaecdd9715296e4668a5040f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

152bdf0f0e9de4c4c3adb9c752a5add3_JaffaCakes118
Size

871KB
Sample

240505-avtjnagg2y
MD5

152bdf0f0e9de4c4c3adb9c752a5add3
SHA1

27996f8e64463306a595c937b158a8981508b60c
SHA256

e40cf8b8bf5e60a24fe4e0a2cc38da3fb3fb1441aaecdd9715296e4668a5040f
SHA512

6994c045bca0c2e2f24fd265dfe1c981d6bec19c0d3b56bb938b798ba47feed4ae6613befe27b7c21bc73804b2df5eccafa19e754b5cd91f294783cab9a11790
SSDEEP

24576:1J0ywQQxASQ5smREmGy5UUGshEKKMZfrp/IEcBVu5:r0EQxASOsmOmqUGfKKMVtrcm5

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  152bdf0f0e9de4c4c3adb9c752a5add3_JaffaCakes118
- Size
  
  871KB
- MD5
  
  152bdf0f0e9de4c4c3adb9c752a5add3
- SHA1
  
  27996f8e64463306a595c937b158a8981508b60c
- SHA256
  
  e40cf8b8bf5e60a24fe4e0a2cc38da3fb3fb1441aaecdd9715296e4668a5040f
- SHA512
  
  6994c045bca0c2e2f24fd265dfe1c981d6bec19c0d3b56bb938b798ba47feed4ae6613befe27b7c21bc73804b2df5eccafa19e754b5cd91f294783cab9a11790
- SSDEEP
  
  24576:1J0ywQQxASQ5smREmGy5UUGshEKKMZfrp/IEcBVu5:r0EQxASOsmOmqUGfKKMVtrcm5
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2