1a5ce1cb743b1bba736f478a0d135ff1e4110306c2e55aabc520736571569ecb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

424f49431e45bcc2d15067d2995ed189_JaffaCakes118
Size

848KB
Sample

240514-vwpx3sff9y
MD5

424f49431e45bcc2d15067d2995ed189
SHA1

dcde66ed3d8ed2481f4c2c2ca36efeeaecbd16e3
SHA256

1a5ce1cb743b1bba736f478a0d135ff1e4110306c2e55aabc520736571569ecb
SHA512

4fcca30f566d73b077f0b3b47f35a03839077b6006628b13c8d8e7c9952913b92ec733d863dddc2f1dcb9e9d985136f7baa714a5ded8cb7fdceed487096904fb
SSDEEP

24576:Pv0JmeuHPwAORzZIz2L61di/UEoLx3QAft:HZeUwAyg2O1oUEMQit

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  424f49431e45bcc2d15067d2995ed189_JaffaCakes118
- Size
  
  848KB
- MD5
  
  424f49431e45bcc2d15067d2995ed189
- SHA1
  
  dcde66ed3d8ed2481f4c2c2ca36efeeaecbd16e3
- SHA256
  
  1a5ce1cb743b1bba736f478a0d135ff1e4110306c2e55aabc520736571569ecb
- SHA512
  
  4fcca30f566d73b077f0b3b47f35a03839077b6006628b13c8d8e7c9952913b92ec733d863dddc2f1dcb9e9d985136f7baa714a5ded8cb7fdceed487096904fb
- SSDEEP
  
  24576:Pv0JmeuHPwAORzZIz2L61di/UEoLx3QAft:HZeUwAyg2O1oUEMQit
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan