4b90072cb6fb56503dec425a3da529b35ea6976dcb3021bec414cf257e62d554 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c8be88dbe6e02039ea4a6cfac709aa0_JaffaCakes118
Size

1.2MB
Sample

240523-2yphnace75
MD5

6c8be88dbe6e02039ea4a6cfac709aa0
SHA1

1bf6d6498685e65361a7194498d936d166aa8faf
SHA256

4b90072cb6fb56503dec425a3da529b35ea6976dcb3021bec414cf257e62d554
SHA512

672574bee2a769c6bab9a53db8797dccbccaa8f074b685002983800702281b4c60d01be8578e1b2908b12c1782c13e17303e591c7d02f7e8f5797760301c018d
SSDEEP

24576:6urD+3POjR+pE3y3+6DBQbNXeKzOgtP1TNpiY+R:JrQm9+O3y39CjNq

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6c8be88dbe6e02039ea4a6cfac709aa0_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  6c8be88dbe6e02039ea4a6cfac709aa0
- SHA1
  
  1bf6d6498685e65361a7194498d936d166aa8faf
- SHA256
  
  4b90072cb6fb56503dec425a3da529b35ea6976dcb3021bec414cf257e62d554
- SHA512
  
  672574bee2a769c6bab9a53db8797dccbccaa8f074b685002983800702281b4c60d01be8578e1b2908b12c1782c13e17303e591c7d02f7e8f5797760301c018d
- SSDEEP
  
  24576:6urD+3POjR+pE3y3+6DBQbNXeKzOgtP1TNpiY+R:JrQm9+O3y39CjNq
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan