7dd4aa89f9ee2ddc0256a392abbcfb3f90b01b0bbc0019b20a2cf94f962e9f3e | Triage

Sharing

General

Target

69b44ec1215bde400c2d455cf4c3e3a1_JaffaCakes118
Size

789KB
Sample

240523-ewrhxadf84
MD5

69b44ec1215bde400c2d455cf4c3e3a1
SHA1

2a01f40fece910bf3a67a2cbce5c4d927a144403
SHA256

7dd4aa89f9ee2ddc0256a392abbcfb3f90b01b0bbc0019b20a2cf94f962e9f3e
SHA512

45c6b1a4ea7aea08ab777663002bbcd8ff5b3e75a3c3d93eb83bfb2705cd28369b9ed2a455222d5b6968437335a53ea3083bdbf1618ce431d98c080731cab48e
SSDEEP

24576:sHgYMr6tM5LET7Hfo3Dvn2pFLKSDAd9l1/Twq:sHfMr6t1fYypFLzAdz10q

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  69b44ec1215bde400c2d455cf4c3e3a1_JaffaCakes118
- Size
  
  789KB
- MD5
  
  69b44ec1215bde400c2d455cf4c3e3a1
- SHA1
  
  2a01f40fece910bf3a67a2cbce5c4d927a144403
- SHA256
  
  7dd4aa89f9ee2ddc0256a392abbcfb3f90b01b0bbc0019b20a2cf94f962e9f3e
- SHA512
  
  45c6b1a4ea7aea08ab777663002bbcd8ff5b3e75a3c3d93eb83bfb2705cd28369b9ed2a455222d5b6968437335a53ea3083bdbf1618ce431d98c080731cab48e
- SSDEEP
  
  24576:sHgYMr6tM5LET7Hfo3Dvn2pFLKSDAd9l1/Twq:sHfMr6t1fYypFLzAdz10q
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan