f21586b78956d8a8d5c363d5d49c8a0f40c780cfbd875cc1392c0e23e9e93fb7 | Triage

Sharing

General

Target

69b7d225dffc32c27589fa7356e31799_JaffaCakes118
Size

1.2MB
Sample

240523-e1x69adf9x
MD5

69b7d225dffc32c27589fa7356e31799
SHA1

c6fa61f4a83516ca48be7e67f22c27d4fb91b2f4
SHA256

f21586b78956d8a8d5c363d5d49c8a0f40c780cfbd875cc1392c0e23e9e93fb7
SHA512

3ad7c6ada568017c3e5d26bfbbbd83b862ee5da85ad9ec5871c7e42ee23b811133ae53426ea2d7e8783052e06f1ab2571aba812aa9be1173d79a1cd77cc9bb87
SSDEEP

12288:gi4qZBLA5ihS1tGc3SnxXUtRBqYGzq9zQyDS38Qt2EX7E7ysd5fK4gh7wfdX:MqZtD8in4RBGmzLS3szPy4dX

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  69b7d225dffc32c27589fa7356e31799_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  69b7d225dffc32c27589fa7356e31799
- SHA1
  
  c6fa61f4a83516ca48be7e67f22c27d4fb91b2f4
- SHA256
  
  f21586b78956d8a8d5c363d5d49c8a0f40c780cfbd875cc1392c0e23e9e93fb7
- SHA512
  
  3ad7c6ada568017c3e5d26bfbbbd83b862ee5da85ad9ec5871c7e42ee23b811133ae53426ea2d7e8783052e06f1ab2571aba812aa9be1173d79a1cd77cc9bb87
- SSDEEP
  
  12288:gi4qZBLA5ihS1tGc3SnxXUtRBqYGzq9zQyDS38Qt2EX7E7ysd5fK4gh7wfdX:MqZtD8in4RBGmzLS3szPy4dX
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan