5e4db50931f90eeb9cb7e7678d9d42c769850262d10e28a3f92712cf0600e85a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

262e55aa8e07ad9b98f541973224078a_JaffaCakes118
Size

761KB
Sample

240508-w9zj4sbh36
MD5

262e55aa8e07ad9b98f541973224078a
SHA1

db8494ee1ebe4b2b36f916d3b37492cdc6bb88b4
SHA256

5e4db50931f90eeb9cb7e7678d9d42c769850262d10e28a3f92712cf0600e85a
SHA512

a5d0c6100190fa9587908afd025cf18a6d8efb8a47b5b7eae134266d9871c886fadf406bf2fe1578cad7a5da47aa49afa3627bde561324333741c1466c9e9dc6
SSDEEP

12288:YM3RtQ1IU7JkB7PXIB6McqZiKd0av4RYGae+Q6M7pEql1QZdNFScroX:YM3S6xbMcV0viYGRz67qTQHFroX

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  262e55aa8e07ad9b98f541973224078a_JaffaCakes118
- Size
  
  761KB
- MD5
  
  262e55aa8e07ad9b98f541973224078a
- SHA1
  
  db8494ee1ebe4b2b36f916d3b37492cdc6bb88b4
- SHA256
  
  5e4db50931f90eeb9cb7e7678d9d42c769850262d10e28a3f92712cf0600e85a
- SHA512
  
  a5d0c6100190fa9587908afd025cf18a6d8efb8a47b5b7eae134266d9871c886fadf406bf2fe1578cad7a5da47aa49afa3627bde561324333741c1466c9e9dc6
- SSDEEP
  
  12288:YM3RtQ1IU7JkB7PXIB6McqZiKd0av4RYGae+Q6M7pEql1QZdNFScroX:YM3S6xbMcV0viYGRz67qTQHFroX
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2