d086238a23a18438c99b6d177dd03450c88717839d4b8e3bc536412dfa8f68c4 | Triage

Sharing

General

Target

3ff5e8888aa1c9692c8eefb2882ab26e_JaffaCakes118
Size

898KB
Sample

240513-ryphjsbc77
MD5

3ff5e8888aa1c9692c8eefb2882ab26e
SHA1

0579728d68fc14c0cee078bd0028111b30b7860d
SHA256

d086238a23a18438c99b6d177dd03450c88717839d4b8e3bc536412dfa8f68c4
SHA512

cdcb49244cc2430e11599636114df976db705412ab268ce27784cb991c722e7deab4918a26063e2d2b3a668cd923bef6dbd805dcbeb019afc6894f8da3f03bbb
SSDEEP

24576:096HnrMVqYNmZuE0kvC98XztWpLjV7jPQB1aaqxQP:096HrPYqLQq0fVPQEQP

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  3ff5e8888aa1c9692c8eefb2882ab26e_JaffaCakes118
- Size
  
  898KB
- MD5
  
  3ff5e8888aa1c9692c8eefb2882ab26e
- SHA1
  
  0579728d68fc14c0cee078bd0028111b30b7860d
- SHA256
  
  d086238a23a18438c99b6d177dd03450c88717839d4b8e3bc536412dfa8f68c4
- SHA512
  
  cdcb49244cc2430e11599636114df976db705412ab268ce27784cb991c722e7deab4918a26063e2d2b3a668cd923bef6dbd805dcbeb019afc6894f8da3f03bbb
- SSDEEP
  
  24576:096HnrMVqYNmZuE0kvC98XztWpLjV7jPQB1aaqxQP:096HrPYqLQq0fVPQEQP
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2