8a26dd8accdecc5825cf7775cb05a279093e55d623a940a8e49c673eca0337f6 | Triage

Sharing

General

Target

4d23e77fa0d4b2e5b09405f186a7e9d6_JaffaCakes118
Size

819KB
Sample

240516-1jbskshg48
MD5

4d23e77fa0d4b2e5b09405f186a7e9d6
SHA1

999ea0c720a44693ba3391bc50fd92d464e98642
SHA256

8a26dd8accdecc5825cf7775cb05a279093e55d623a940a8e49c673eca0337f6
SHA512

dfd06c8ce80d9f1c66824e0a588f31b5295aae2a62786e3640c67c120ab5e5503a6525d54fd0efa5cf847793f72b65b3a9cc429d535e81b20d06fcf27c65f6ee
SSDEEP

24576:sTm0xlTa/0W5FETKoWYCeMKDXf3jU6bEnm0Y:Qm0xlTaL5Fi2GpEnVY

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  4d23e77fa0d4b2e5b09405f186a7e9d6_JaffaCakes118
- Size
  
  819KB
- MD5
  
  4d23e77fa0d4b2e5b09405f186a7e9d6
- SHA1
  
  999ea0c720a44693ba3391bc50fd92d464e98642
- SHA256
  
  8a26dd8accdecc5825cf7775cb05a279093e55d623a940a8e49c673eca0337f6
- SHA512
  
  dfd06c8ce80d9f1c66824e0a588f31b5295aae2a62786e3640c67c120ab5e5503a6525d54fd0efa5cf847793f72b65b3a9cc429d535e81b20d06fcf27c65f6ee
- SSDEEP
  
  24576:sTm0xlTa/0W5FETKoWYCeMKDXf3jU6bEnm0Y:Qm0xlTaL5Fi2GpEnVY
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan