6783ee92063ad90fc3a099a29ed46be575ed81794078f4a07ea8896d464b5397 | Triage

Sharing

General

Target

63ac0c583107e9a959df3cfb9cb8acf8_JaffaCakes118
Size

877KB
Sample

240521-r54aaahf61
MD5

63ac0c583107e9a959df3cfb9cb8acf8
SHA1

1b4a6705c7630b39a58b323f5b73d64e8395d71b
SHA256

6783ee92063ad90fc3a099a29ed46be575ed81794078f4a07ea8896d464b5397
SHA512

2d21a9cf1d43c6f396aa57bffc186db547f94894e6737cd00a6207acca7cf93be7ac8f6324e22a5d95b148a8881c0a4390e0af8354c04e52693fdec7539b0e94
SSDEEP

24576:ghX4UrxyAfE0a//xYxvCSRdDNtITLX1DH3:I4qxyR//OlbDy3

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  63ac0c583107e9a959df3cfb9cb8acf8_JaffaCakes118
- Size
  
  877KB
- MD5
  
  63ac0c583107e9a959df3cfb9cb8acf8
- SHA1
  
  1b4a6705c7630b39a58b323f5b73d64e8395d71b
- SHA256
  
  6783ee92063ad90fc3a099a29ed46be575ed81794078f4a07ea8896d464b5397
- SHA512
  
  2d21a9cf1d43c6f396aa57bffc186db547f94894e6737cd00a6207acca7cf93be7ac8f6324e22a5d95b148a8881c0a4390e0af8354c04e52693fdec7539b0e94
- SSDEEP
  
  24576:ghX4UrxyAfE0a//xYxvCSRdDNtITLX1DH3:I4qxyR//OlbDy3
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2