f21586b78956d8a8d5c363d5d49c8a0f40c780cfbd875cc1392c0e23e9e93fb7 | Triage

Sharing

General

Target

69b7d225dffc32c27589fa7356e31799_JaffaCakes118
Size

1.2MB
Sample

240523-e1x69adf9x
MD5

69b7d225dffc32c27589fa7356e31799
SHA1

c6fa61f4a83516ca48be7e67f22c27d4fb91b2f4
SHA256

f21586b78956d8a8d5c363d5d49c8a0f40c780cfbd875cc1392c0e23e9e93fb7
SHA512

3ad7c6ada568017c3e5d26bfbbbd83b862ee5da85ad9ec5871c7e42ee23b811133ae53426ea2d7e8783052e06f1ab2571aba812aa9be1173d79a1cd77cc9bb87
SSDEEP

12288:gi4qZBLA5ihS1tGc3SnxXUtRBqYGzq9zQyDS38Qt2EX7E7ysd5fK4gh7wfdX:MqZtD8in4RBGmzLS3szPy4dX

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  69b7d225dffc32c27589fa7356e31799_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  69b7d225dffc32c27589fa7356e31799
- SHA1
  
  c6fa61f4a83516ca48be7e67f22c27d4fb91b2f4
- SHA256
  
  f21586b78956d8a8d5c363d5d49c8a0f40c780cfbd875cc1392c0e23e9e93fb7
- SHA512
  
  3ad7c6ada568017c3e5d26bfbbbd83b862ee5da85ad9ec5871c7e42ee23b811133ae53426ea2d7e8783052e06f1ab2571aba812aa9be1173d79a1cd77cc9bb87
- SSDEEP
  
  12288:gi4qZBLA5ihS1tGc3SnxXUtRBqYGzq9zQyDS38Qt2EX7E7ysd5fK4gh7wfdX:MqZtD8in4RBGmzLS3szPy4dX
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan