50131902022254576687a81fc219ba30188515f90642782a1b78d92e74c16460 | Triage

Sharing

General

Target

380a7328398135a5cd0c3e0847ba8252_JaffaCakes118
Size

827KB
Sample

240512-d3936ahf44
MD5

380a7328398135a5cd0c3e0847ba8252
SHA1

b85965fd39ce83d41c9f943b4b6b5d2d53863f29
SHA256

50131902022254576687a81fc219ba30188515f90642782a1b78d92e74c16460
SHA512

f09f5f03eb63611f264740a3e366995362173752eb5d2b47bdeb2f380ed07f5a5819d4700dbcc69521f413d8b24be855e2d27af20d2a27be7b21542c1afee724
SSDEEP

24576:md6ERoBhQ1w41mlffVOP3Vb4G0/icGmPb5wLc:mRRqhoAFyVb4gcGmNwQ

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  380a7328398135a5cd0c3e0847ba8252_JaffaCakes118
- Size
  
  827KB
- MD5
  
  380a7328398135a5cd0c3e0847ba8252
- SHA1
  
  b85965fd39ce83d41c9f943b4b6b5d2d53863f29
- SHA256
  
  50131902022254576687a81fc219ba30188515f90642782a1b78d92e74c16460
- SHA512
  
  f09f5f03eb63611f264740a3e366995362173752eb5d2b47bdeb2f380ed07f5a5819d4700dbcc69521f413d8b24be855e2d27af20d2a27be7b21542c1afee724
- SSDEEP
  
  24576:md6ERoBhQ1w41mlffVOP3Vb4G0/icGmPb5wLc:mRRqhoAFyVb4gcGmNwQ
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan