399b1ea29bb18adf214857bc6bac323735b9c812e05324b0a095842d3e6fecb5 | Triage

Sharing

General

Target

699c377895bb45bbf9c6c8b62794510b_JaffaCakes118
Size

883KB
Sample

240523-d66j5sce7t
MD5

699c377895bb45bbf9c6c8b62794510b
SHA1

192894ae9aef35a28afc2585bbb6b6ae08624514
SHA256

399b1ea29bb18adf214857bc6bac323735b9c812e05324b0a095842d3e6fecb5
SHA512

c10e7d23ce70acee7061f30358c3bca32ab8ca0a43e7899bc9ae6eb5e585bb99d4886db1bfebc82b7d6874dbee30f729ac2c55ea2771873c817d5c160076d4ca
SSDEEP

24576:4Rwg/BlH3j1jP+LSse6KX7kATZbUmjtjg:gwsBjmLpHo7ki6mlg

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  699c377895bb45bbf9c6c8b62794510b_JaffaCakes118
- Size
  
  883KB
- MD5
  
  699c377895bb45bbf9c6c8b62794510b
- SHA1
  
  192894ae9aef35a28afc2585bbb6b6ae08624514
- SHA256
  
  399b1ea29bb18adf214857bc6bac323735b9c812e05324b0a095842d3e6fecb5
- SHA512
  
  c10e7d23ce70acee7061f30358c3bca32ab8ca0a43e7899bc9ae6eb5e585bb99d4886db1bfebc82b7d6874dbee30f729ac2c55ea2771873c817d5c160076d4ca
- SSDEEP
  
  24576:4Rwg/BlH3j1jP+LSse6KX7kATZbUmjtjg:gwsBjmLpHo7ki6mlg
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2