b9ae37c3d0e8886685b1b4abf03178b31b262287e8073618fe7445054bce9353 | Triage

Sharing

General

Target

65e2168d668faacc5cd474c550e60977_JaffaCakes118
Size

877KB
Sample

240522-d8lbzsah29
MD5

65e2168d668faacc5cd474c550e60977
SHA1

e25b05ccfe37f361f8fef4f1c25f49dd1dfd8252
SHA256

b9ae37c3d0e8886685b1b4abf03178b31b262287e8073618fe7445054bce9353
SHA512

6b302be2f6da52e18a010c33e912fc51977d6b4aaa12c26cdc80af978cce0ee48e5cafd4ba3b0a58b9dbaaf7d256f31c97c08addb2408009e7586b47999be80c
SSDEEP

24576:tHX4UTNyswtCM7RysM3+KN2BwlVF5QQ4GvEczRNG:Z4CNyhV7Rc3+KHFrBG

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  65e2168d668faacc5cd474c550e60977_JaffaCakes118
- Size
  
  877KB
- MD5
  
  65e2168d668faacc5cd474c550e60977
- SHA1
  
  e25b05ccfe37f361f8fef4f1c25f49dd1dfd8252
- SHA256
  
  b9ae37c3d0e8886685b1b4abf03178b31b262287e8073618fe7445054bce9353
- SHA512
  
  6b302be2f6da52e18a010c33e912fc51977d6b4aaa12c26cdc80af978cce0ee48e5cafd4ba3b0a58b9dbaaf7d256f31c97c08addb2408009e7586b47999be80c
- SSDEEP
  
  24576:tHX4UTNyswtCM7RysM3+KN2BwlVF5QQ4GvEczRNG:Z4CNyhV7Rc3+KHFrBG
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2