07e1e2675c9b126b862dd6d8281b982169da5913265f400b7c09cccdeb13feb3 | Triage

Sharing

General

Target

693551d651b3c7c4092eee14784338c4_JaffaCakes118
Size

703KB
Sample

240523-a9kv3aff78
MD5

693551d651b3c7c4092eee14784338c4
SHA1

2bf583c9897c28d6916e9d6916929d9534f6370f
SHA256

07e1e2675c9b126b862dd6d8281b982169da5913265f400b7c09cccdeb13feb3
SHA512

2bb2dacbdfd02cee6d948011650883f3585278e2eb255f6cd044706824db69f53f14ca5be98d72868b8625fea7a755ab5309b95bd6149e9088b07d6108586bf4
SSDEEP

12288:+45Xd4jyMWjDOagAeI89G9EBqmsf9pk7F1qSX9QTPu2aE:+5jyPjDOag39G9Aqlfc7F1bX9QTPu2

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  693551d651b3c7c4092eee14784338c4_JaffaCakes118
- Size
  
  703KB
- MD5
  
  693551d651b3c7c4092eee14784338c4
- SHA1
  
  2bf583c9897c28d6916e9d6916929d9534f6370f
- SHA256
  
  07e1e2675c9b126b862dd6d8281b982169da5913265f400b7c09cccdeb13feb3
- SHA512
  
  2bb2dacbdfd02cee6d948011650883f3585278e2eb255f6cd044706824db69f53f14ca5be98d72868b8625fea7a755ab5309b95bd6149e9088b07d6108586bf4
- SSDEEP
  
  12288:+45Xd4jyMWjDOagAeI89G9EBqmsf9pk7F1qSX9QTPu2aE:+5jyPjDOag39G9Aqlfc7F1bX9QTPu2
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan