a36e70ee019e174ae9a9e69f1fd2cdfb208f9a24c84d1ab51b7efd44b073d856 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e3213e81d58609732e196d3ae5c541e_JaffaCakes118
Size

833KB
Sample

240520-kq3lwacc24
MD5

5e3213e81d58609732e196d3ae5c541e
SHA1

54bb8f0ab2e9a5c46855d5eba5aabaa0e4f24d19
SHA256

a36e70ee019e174ae9a9e69f1fd2cdfb208f9a24c84d1ab51b7efd44b073d856
SHA512

4e905f4c97a22f6f7078c93c34a8262d55138097ff0851c8951079fd5852d427c5530b861edb1ec76092c445aae9c22ff878e88b0c4687541077a20d3594c91a
SSDEEP

24576:MnjA7T2YCUqRzuE1VgWVPB4JY80kH3nk/R3/WAvWg:Mnm4XptjVp4J3EeAOg

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  5e3213e81d58609732e196d3ae5c541e_JaffaCakes118
- Size
  
  833KB
- MD5
  
  5e3213e81d58609732e196d3ae5c541e
- SHA1
  
  54bb8f0ab2e9a5c46855d5eba5aabaa0e4f24d19
- SHA256
  
  a36e70ee019e174ae9a9e69f1fd2cdfb208f9a24c84d1ab51b7efd44b073d856
- SHA512
  
  4e905f4c97a22f6f7078c93c34a8262d55138097ff0851c8951079fd5852d427c5530b861edb1ec76092c445aae9c22ff878e88b0c4687541077a20d3594c91a
- SSDEEP
  
  24576:MnjA7T2YCUqRzuE1VgWVPB4JY80kH3nk/R3/WAvWg:Mnm4XptjVp4J3EeAOg
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan