08ada8158b0e22c83ceb756d11e526ee47cda3503eb933c54c74188defc1c7c8 | Triage

Sharing

General

Target

4849cfb3c62b562ab53ef3de9bc3ec9c_JaffaCakes118
Size

839KB
Sample

240515-17et5sfb35
MD5

4849cfb3c62b562ab53ef3de9bc3ec9c
SHA1

5bee8de99742a39d7884bbd30bc6ac52ee43befb
SHA256

08ada8158b0e22c83ceb756d11e526ee47cda3503eb933c54c74188defc1c7c8
SHA512

987ce4a1d4e09fad0627f968b3984d85b86a6644feaa5ce22e7bad48cbf66c947526998b181f15451c5ff5e03b4dc15735e78c9d79e7e818e6aabce364bd39ad
SSDEEP

24576:g9ndyAZylajovSXAkG4ALW/oKOot/X9Bxg117U:g9nds4odk5ACwfU9IHU

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  4849cfb3c62b562ab53ef3de9bc3ec9c_JaffaCakes118
- Size
  
  839KB
- MD5
  
  4849cfb3c62b562ab53ef3de9bc3ec9c
- SHA1
  
  5bee8de99742a39d7884bbd30bc6ac52ee43befb
- SHA256
  
  08ada8158b0e22c83ceb756d11e526ee47cda3503eb933c54c74188defc1c7c8
- SHA512
  
  987ce4a1d4e09fad0627f968b3984d85b86a6644feaa5ce22e7bad48cbf66c947526998b181f15451c5ff5e03b4dc15735e78c9d79e7e818e6aabce364bd39ad
- SSDEEP
  
  24576:g9ndyAZylajovSXAkG4ALW/oKOot/X9Bxg117U:g9nds4odk5ACwfU9IHU
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan