a48ca25f89fd409d357c56b22e8ba36cfc852b643d2aff3861ed94417fab792e | Triage

Sharing

General

Target

621a49e564ea66da2151180392372d8f_JaffaCakes118
Size

875KB
Sample

240521-fkxq8ahg98
MD5

621a49e564ea66da2151180392372d8f
SHA1

dcdcb14d8283e7f67623dbbc85eba9be478711a5
SHA256

a48ca25f89fd409d357c56b22e8ba36cfc852b643d2aff3861ed94417fab792e
SHA512

cd010d44523bbc351929915be08d34b057ef5eb3230f22163b15bbf9adaaf0ca21381672608d74c386e62c071cf35a6cc9f064ef5c8aa712d9235e4356c24d98
SSDEEP

24576:b4z+xRhSZctiTyAArxaOrclGXDh5fU4fBWZes:b4z+0ZOrxaOaGXDhtN0ss

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  621a49e564ea66da2151180392372d8f_JaffaCakes118
- Size
  
  875KB
- MD5
  
  621a49e564ea66da2151180392372d8f
- SHA1
  
  dcdcb14d8283e7f67623dbbc85eba9be478711a5
- SHA256
  
  a48ca25f89fd409d357c56b22e8ba36cfc852b643d2aff3861ed94417fab792e
- SHA512
  
  cd010d44523bbc351929915be08d34b057ef5eb3230f22163b15bbf9adaaf0ca21381672608d74c386e62c071cf35a6cc9f064ef5c8aa712d9235e4356c24d98
- SSDEEP
  
  24576:b4z+xRhSZctiTyAArxaOrclGXDh5fU4fBWZes:b4z+0ZOrxaOaGXDhtN0ss
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2