6653d27dd45dc1a791fb3006d1391b73504d59149a1bb516ceffe4dc41c53c1b | Triage

Sharing

General

Target

2738d040580a3724d9cbb5d6a1429903_JaffaCakes118
Size

845KB
Sample

240508-3g5zrafh57
MD5

2738d040580a3724d9cbb5d6a1429903
SHA1

770311c163d43096bbe91f4505b544b12586c4ae
SHA256

6653d27dd45dc1a791fb3006d1391b73504d59149a1bb516ceffe4dc41c53c1b
SHA512

403842ab5cd4734e6fdb87d545a4b69ee555438645025e4ee4ee726dc8bb3ae02b6f1f8661e52a8eca07ff3488c6e0a037eeee0c3d246cf6d85e50d7e1e6f16c
SSDEEP

24576:AYk0rUeL+kGjXb9jPKIQaAg7IlJn2wBBWyWdk:AHleyLjb9KGUlpyfk

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  2738d040580a3724d9cbb5d6a1429903_JaffaCakes118
- Size
  
  845KB
- MD5
  
  2738d040580a3724d9cbb5d6a1429903
- SHA1
  
  770311c163d43096bbe91f4505b544b12586c4ae
- SHA256
  
  6653d27dd45dc1a791fb3006d1391b73504d59149a1bb516ceffe4dc41c53c1b
- SHA512
  
  403842ab5cd4734e6fdb87d545a4b69ee555438645025e4ee4ee726dc8bb3ae02b6f1f8661e52a8eca07ff3488c6e0a037eeee0c3d246cf6d85e50d7e1e6f16c
- SSDEEP
  
  24576:AYk0rUeL+kGjXb9jPKIQaAg7IlJn2wBBWyWdk:AHleyLjb9KGUlpyfk
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan