7583b9c35c123035210a77f78de1412d0351b2ee70e83aaeb351e00f41e8c868 | Triage

Sharing

General

Target

690dd1b6c4f08728493d1ccbbfd6798a_JaffaCakes118
Size

984KB
Sample

240522-3v3fsadh43
MD5

690dd1b6c4f08728493d1ccbbfd6798a
SHA1

6c9b9ab0ea2ca94b43507fd35bdf5d128336a288
SHA256

7583b9c35c123035210a77f78de1412d0351b2ee70e83aaeb351e00f41e8c868
SHA512

4290e16739b5903864dd14e0780bb85c27c4ee5bb612765348e21e076b315c47a7f5484424917d46391593595408a3b69c5e8118a847ec75fbf6a442130b9ee8
SSDEEP

24576:d40x937ksjbW8THJa533FS43K9dC4xIF2wlak3C7jI:d40L37k4W8THJCZn2Caky3I

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  690dd1b6c4f08728493d1ccbbfd6798a_JaffaCakes118
- Size
  
  984KB
- MD5
  
  690dd1b6c4f08728493d1ccbbfd6798a
- SHA1
  
  6c9b9ab0ea2ca94b43507fd35bdf5d128336a288
- SHA256
  
  7583b9c35c123035210a77f78de1412d0351b2ee70e83aaeb351e00f41e8c868
- SHA512
  
  4290e16739b5903864dd14e0780bb85c27c4ee5bb612765348e21e076b315c47a7f5484424917d46391593595408a3b69c5e8118a847ec75fbf6a442130b9ee8
- SSDEEP
  
  24576:d40x937ksjbW8THJa533FS43K9dC4xIF2wlak3C7jI:d40L37k4W8THJCZn2Caky3I
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan