814a4d7080bccd63920a9ce7daf492ae6fd85cfa2613bf6249d32f77b0baa2bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

345796145b6b0ed9a6f2982b0b52089a_JaffaCakes118
Size

921KB
Sample

240511-ngwczsgh54
MD5

345796145b6b0ed9a6f2982b0b52089a
SHA1

2fbc017222ef7dc505deab0d3ce989d7427cd336
SHA256

814a4d7080bccd63920a9ce7daf492ae6fd85cfa2613bf6249d32f77b0baa2bb
SHA512

9b2de2cb73dee8852e16c9704ac79adbe1e8c88d9abbf46dcc0057f19533b809a802fb0c6a821d1d5ead31a94351ea43e3f56754ff38f7e6919b4a9b4d4d7196
SSDEEP

24576:NopJAACxAO+5vqlKhtwmqs5Sfx/BdSQhBHo:NoXAACxAhylKjws5qd9o

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  345796145b6b0ed9a6f2982b0b52089a_JaffaCakes118
- Size
  
  921KB
- MD5
  
  345796145b6b0ed9a6f2982b0b52089a
- SHA1
  
  2fbc017222ef7dc505deab0d3ce989d7427cd336
- SHA256
  
  814a4d7080bccd63920a9ce7daf492ae6fd85cfa2613bf6249d32f77b0baa2bb
- SHA512
  
  9b2de2cb73dee8852e16c9704ac79adbe1e8c88d9abbf46dcc0057f19533b809a802fb0c6a821d1d5ead31a94351ea43e3f56754ff38f7e6919b4a9b4d4d7196
- SSDEEP
  
  24576:NopJAACxAO+5vqlKhtwmqs5Sfx/BdSQhBHo:NoXAACxAhylKjws5qd9o
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2