4a6f0382547e1967378e7b45ff6eeb726ebc81d437a2002217533a02cec66dfa | Triage

Sharing

General

Target

690b281153a39b147d0a0bf2e6ecb4ac_JaffaCakes118
Size

865KB
Sample

240522-3sp3nsdg49
MD5

690b281153a39b147d0a0bf2e6ecb4ac
SHA1

8c08ccc7efe8b90aa593b39a007acf1fc88f3d6c
SHA256

4a6f0382547e1967378e7b45ff6eeb726ebc81d437a2002217533a02cec66dfa
SHA512

b698162fe427e5ef3d8123e8ad3e5d38d12dd1d3db121a5f36d3866e4744e1cb164adc37d2082db2bb34f2db7cf332b737e1ee3b118f1dd7b1c277f79782e880
SSDEEP

24576:GGJxfYKDIOPTfaFMNnFHlXidYfr3yj6b9XoK:GG7fYEIODaUh9id0w6KK

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  690b281153a39b147d0a0bf2e6ecb4ac_JaffaCakes118
- Size
  
  865KB
- MD5
  
  690b281153a39b147d0a0bf2e6ecb4ac
- SHA1
  
  8c08ccc7efe8b90aa593b39a007acf1fc88f3d6c
- SHA256
  
  4a6f0382547e1967378e7b45ff6eeb726ebc81d437a2002217533a02cec66dfa
- SHA512
  
  b698162fe427e5ef3d8123e8ad3e5d38d12dd1d3db121a5f36d3866e4744e1cb164adc37d2082db2bb34f2db7cf332b737e1ee3b118f1dd7b1c277f79782e880
- SSDEEP
  
  24576:GGJxfYKDIOPTfaFMNnFHlXidYfr3yj6b9XoK:GG7fYEIODaUh9id0w6KK
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan