07e1e2675c9b126b862dd6d8281b982169da5913265f400b7c09cccdeb13feb3 | Triage

Sharing

General

Target

693551d651b3c7c4092eee14784338c4_JaffaCakes118
Size

703KB
Sample

240523-a9kv3aff78
MD5

693551d651b3c7c4092eee14784338c4
SHA1

2bf583c9897c28d6916e9d6916929d9534f6370f
SHA256

07e1e2675c9b126b862dd6d8281b982169da5913265f400b7c09cccdeb13feb3
SHA512

2bb2dacbdfd02cee6d948011650883f3585278e2eb255f6cd044706824db69f53f14ca5be98d72868b8625fea7a755ab5309b95bd6149e9088b07d6108586bf4
SSDEEP

12288:+45Xd4jyMWjDOagAeI89G9EBqmsf9pk7F1qSX9QTPu2aE:+5jyPjDOag39G9Aqlfc7F1bX9QTPu2

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  693551d651b3c7c4092eee14784338c4_JaffaCakes118
- Size
  
  703KB
- MD5
  
  693551d651b3c7c4092eee14784338c4
- SHA1
  
  2bf583c9897c28d6916e9d6916929d9534f6370f
- SHA256
  
  07e1e2675c9b126b862dd6d8281b982169da5913265f400b7c09cccdeb13feb3
- SHA512
  
  2bb2dacbdfd02cee6d948011650883f3585278e2eb255f6cd044706824db69f53f14ca5be98d72868b8625fea7a755ab5309b95bd6149e9088b07d6108586bf4
- SSDEEP
  
  12288:+45Xd4jyMWjDOagAeI89G9EBqmsf9pk7F1qSX9QTPu2aE:+5jyPjDOag39G9Aqlfc7F1bX9QTPu2
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan