92e57e9bd65df700a763340fb5b18b886787393fb629b271794dd18da53d0106 | Triage

Sharing

General

Target

2fdfdfc388cfe59ee7404516feb65cf8_JaffaCakes118
Size

874KB
Sample

240510-taedsagf73
MD5

2fdfdfc388cfe59ee7404516feb65cf8
SHA1

8f9b4e2c59c3fcb0fcde22be0176a7dc910b59a2
SHA256

92e57e9bd65df700a763340fb5b18b886787393fb629b271794dd18da53d0106
SHA512

465311ee2fe5a9a066695a900f46f2e2743046b700bc718edb1bd612933fa542d5aa8226f42c385a49967528f03cc141756d2488b0348ffebff44bdd3b825443
SSDEEP

24576:qRBr5n3VvH+SzpTokRWJ1PmsPEqsTiZAwhHi:qRBf/+StFdbT2dBi

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  2fdfdfc388cfe59ee7404516feb65cf8_JaffaCakes118
- Size
  
  874KB
- MD5
  
  2fdfdfc388cfe59ee7404516feb65cf8
- SHA1
  
  8f9b4e2c59c3fcb0fcde22be0176a7dc910b59a2
- SHA256
  
  92e57e9bd65df700a763340fb5b18b886787393fb629b271794dd18da53d0106
- SHA512
  
  465311ee2fe5a9a066695a900f46f2e2743046b700bc718edb1bd612933fa542d5aa8226f42c385a49967528f03cc141756d2488b0348ffebff44bdd3b825443
- SSDEEP
  
  24576:qRBr5n3VvH+SzpTokRWJ1PmsPEqsTiZAwhHi:qRBf/+StFdbT2dBi
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2