9eee4a912cc5efac3bf1c6fbb8513100e18f45c9d02bf796cccc7196f3580f52 | Triage

Sharing

General

Target

41395070b7407a3deebb781c6ad794be_JaffaCakes118
Size

885KB
Sample

240514-mxs25ada33
MD5

41395070b7407a3deebb781c6ad794be
SHA1

95e62e58e44df7de438433bbe07851690990d210
SHA256

9eee4a912cc5efac3bf1c6fbb8513100e18f45c9d02bf796cccc7196f3580f52
SHA512

2d4e70c956c8a40bea4bffe878564823c8510a904c0e5180596ea05ca408437fb4a2cea57e143bcf57e0db70f6bbce5e78a7a920109a4ce0139cc833cc5b00e0
SSDEEP

12288:7e21SVrMwOr2Yzc1wIUv5hDR5lHP/sOS4iCJpnrHI+z8GC83YtpyiE+vZ4IDX9vM:LJdzZIUp5LiCJtTfjCkY++BvBTaf4WF

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  41395070b7407a3deebb781c6ad794be_JaffaCakes118
- Size
  
  885KB
- MD5
  
  41395070b7407a3deebb781c6ad794be
- SHA1
  
  95e62e58e44df7de438433bbe07851690990d210
- SHA256
  
  9eee4a912cc5efac3bf1c6fbb8513100e18f45c9d02bf796cccc7196f3580f52
- SHA512
  
  2d4e70c956c8a40bea4bffe878564823c8510a904c0e5180596ea05ca408437fb4a2cea57e143bcf57e0db70f6bbce5e78a7a920109a4ce0139cc833cc5b00e0
- SSDEEP
  
  12288:7e21SVrMwOr2Yzc1wIUv5hDR5lHP/sOS4iCJpnrHI+z8GC83YtpyiE+vZ4IDX9vM:LJdzZIUp5LiCJtTfjCkY++BvBTaf4WF
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2