39379f583261162e2892f3c3bd3b9e76a3068c28b3caab266136c830621ae899 | Triage

Sharing

General

Target

65b564d6d2dbc859711d2877ca01e045_JaffaCakes118
Size

847KB
Sample

240522-c2klfahe84
MD5

65b564d6d2dbc859711d2877ca01e045
SHA1

c71683278588ee78f280d1c410b1e4c75178cbdd
SHA256

39379f583261162e2892f3c3bd3b9e76a3068c28b3caab266136c830621ae899
SHA512

6d72679328bf796ccaf68cb5ce12d1d68340fd934bda2a70a28903e02a855131b837f8578406fb9ddb1be84fa0762752fe7ab2af8e83888447e264a09ec6d274
SSDEEP

24576:bswpRuQ4QFAttJh4xEJps5iJ2NKOxQ2L0D0SO7:xFXwJ2e47

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  65b564d6d2dbc859711d2877ca01e045_JaffaCakes118
- Size
  
  847KB
- MD5
  
  65b564d6d2dbc859711d2877ca01e045
- SHA1
  
  c71683278588ee78f280d1c410b1e4c75178cbdd
- SHA256
  
  39379f583261162e2892f3c3bd3b9e76a3068c28b3caab266136c830621ae899
- SHA512
  
  6d72679328bf796ccaf68cb5ce12d1d68340fd934bda2a70a28903e02a855131b837f8578406fb9ddb1be84fa0762752fe7ab2af8e83888447e264a09ec6d274
- SSDEEP
  
  24576:bswpRuQ4QFAttJh4xEJps5iJ2NKOxQ2L0D0SO7:xFXwJ2e47
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan