031f49a465a64beb55141e423c50a04a333402cc1b68db4b64ea43b4464ba1ad | Triage

Sharing

General

Target

472da4c5d90f41b280768536c59f71c4_JaffaCakes118
Size

882KB
Sample

240515-vp3wcsbc56
MD5

472da4c5d90f41b280768536c59f71c4
SHA1

10697f83ea9c82b2920eed7ff5442fe4c5afd5d5
SHA256

031f49a465a64beb55141e423c50a04a333402cc1b68db4b64ea43b4464ba1ad
SHA512

247ad4498b07e543a02454a5057e970ba104cc093a0fe199ad58d2edd9501851279ad32575f3012e1163c917a9870f2068eab04eb3b8cd7bb7cb13b0e2d3dabc
SSDEEP

24576:mbBWI0oeVrDTUUmjk9Se04OUKuff8kh5qFVq7A9GRQQIvoqd:mbBWI7eV3TUK9Sr4OUKuff7hMVqznIvf

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  472da4c5d90f41b280768536c59f71c4_JaffaCakes118
- Size
  
  882KB
- MD5
  
  472da4c5d90f41b280768536c59f71c4
- SHA1
  
  10697f83ea9c82b2920eed7ff5442fe4c5afd5d5
- SHA256
  
  031f49a465a64beb55141e423c50a04a333402cc1b68db4b64ea43b4464ba1ad
- SHA512
  
  247ad4498b07e543a02454a5057e970ba104cc093a0fe199ad58d2edd9501851279ad32575f3012e1163c917a9870f2068eab04eb3b8cd7bb7cb13b0e2d3dabc
- SSDEEP
  
  24576:mbBWI0oeVrDTUUmjk9Se04OUKuff8kh5qFVq7A9GRQQIvoqd:mbBWI7eV3TUK9Sr4OUKuff7hMVqznIvf
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2