1f4b910fa048f5614757f2c74e4406182574ee8d791ef045e08750ac310e5918 | Triage

Sharing

General

Target

630bef51107b4590a57fa5206c6ce3ec_JaffaCakes118
Size

845KB
Sample

240521-m1dfvaba3v
MD5

630bef51107b4590a57fa5206c6ce3ec
SHA1

9e97df0e2b7684b885ac64def649ddb8e33a02b0
SHA256

1f4b910fa048f5614757f2c74e4406182574ee8d791ef045e08750ac310e5918
SHA512

880e773b5cba21fbe018013bcb3e8af0bfa1685b5db0f0b25526d52f5532dae0300b904432ff95ddfd2a0816d5020f51c9859ae0238c26c5eb124b05b01df180
SSDEEP

24576:hYW0r5eL+8oBQaWR6wPkJoKSMr4vZd8sXKsbJ4mCK:h1seyzQaWR6hJoXr8sXKsF41K

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  630bef51107b4590a57fa5206c6ce3ec_JaffaCakes118
- Size
  
  845KB
- MD5
  
  630bef51107b4590a57fa5206c6ce3ec
- SHA1
  
  9e97df0e2b7684b885ac64def649ddb8e33a02b0
- SHA256
  
  1f4b910fa048f5614757f2c74e4406182574ee8d791ef045e08750ac310e5918
- SHA512
  
  880e773b5cba21fbe018013bcb3e8af0bfa1685b5db0f0b25526d52f5532dae0300b904432ff95ddfd2a0816d5020f51c9859ae0238c26c5eb124b05b01df180
- SSDEEP
  
  24576:hYW0r5eL+8oBQaWR6wPkJoKSMr4vZd8sXKsbJ4mCK:h1seyzQaWR6hJoXr8sXKsF41K
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan