1691d8e1d4b3591bafd6209b6f17041f53bec641f0c40e3c3e36c508ac7c2f01 | Triage

Sharing

General

Target

69313f5735cc81d737daa8cfe614f956_JaffaCakes118
Size

833KB
Sample

240523-a5yalafe34
MD5

69313f5735cc81d737daa8cfe614f956
SHA1

aeb278cde6fae7f441fc65c5d7dfb6b05d25af10
SHA256

1691d8e1d4b3591bafd6209b6f17041f53bec641f0c40e3c3e36c508ac7c2f01
SHA512

965159db5b42ce7366d3e5cdbac7ba8981b127afedd81f79c98951f3f6148251dd26731d12d55129cb2ebf663761328802955b93d9d1a07908083901e33aeb1a
SSDEEP

12288:Nn1FTSR/3yS8IZ0Roz8k2lJ185XLXiKlOv8IxeahGr9LhOgElmwmIzpdnU2j2Y:NnjTOT2XoTiuOHNhGhL2XTnpj2Y

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  69313f5735cc81d737daa8cfe614f956_JaffaCakes118
- Size
  
  833KB
- MD5
  
  69313f5735cc81d737daa8cfe614f956
- SHA1
  
  aeb278cde6fae7f441fc65c5d7dfb6b05d25af10
- SHA256
  
  1691d8e1d4b3591bafd6209b6f17041f53bec641f0c40e3c3e36c508ac7c2f01
- SHA512
  
  965159db5b42ce7366d3e5cdbac7ba8981b127afedd81f79c98951f3f6148251dd26731d12d55129cb2ebf663761328802955b93d9d1a07908083901e33aeb1a
- SSDEEP
  
  12288:Nn1FTSR/3yS8IZ0Roz8k2lJ185XLXiKlOv8IxeahGr9LhOgElmwmIzpdnU2j2Y:NnjTOT2XoTiuOHNhGhL2XTnpj2Y
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan