b2c78e2425fd8b73b882172881ad7b0c0eaca7e751ecf36f0f17abc81e87b834 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6224fc74906d5b20b6e96b50f8e9333f_JaffaCakes118
Size

812KB
Sample

240521-fw3fvaab94
MD5

6224fc74906d5b20b6e96b50f8e9333f
SHA1

0c3f813ff3a5a237b236b35cf9eb4b6db003adff
SHA256

b2c78e2425fd8b73b882172881ad7b0c0eaca7e751ecf36f0f17abc81e87b834
SHA512

861697e61b14ca3e5c9bbdb5fa87dea3508ec82eede901f85b760ae3e76662dffbcf3f991b883d6224b4f9cd8874001ec47149160905448dd8f7720bafd9c84c
SSDEEP

12288:WPJ3IgTZCjb2wDW8mNGcuvocGIBhxuXpPKYYAxCtY7KGYdE3wVVOF:IgDWnNGP4j5PKYYzm7gyYOF

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6224fc74906d5b20b6e96b50f8e9333f_JaffaCakes118
- Size
  
  812KB
- MD5
  
  6224fc74906d5b20b6e96b50f8e9333f
- SHA1
  
  0c3f813ff3a5a237b236b35cf9eb4b6db003adff
- SHA256
  
  b2c78e2425fd8b73b882172881ad7b0c0eaca7e751ecf36f0f17abc81e87b834
- SHA512
  
  861697e61b14ca3e5c9bbdb5fa87dea3508ec82eede901f85b760ae3e76662dffbcf3f991b883d6224b4f9cd8874001ec47149160905448dd8f7720bafd9c84c
- SSDEEP
  
  12288:WPJ3IgTZCjb2wDW8mNGcuvocGIBhxuXpPKYYAxCtY7KGYdE3wVVOF:IgDWnNGP4j5PKYYzm7gyYOF
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan