753b8eead04d23f5a90ad1a7fab5f55b3f2282bd20a8d3672248a40618b5f907 | Triage

Sharing

General

Target

69cbd4cb96ffb4dd3b5f5c64499bad41_JaffaCakes118
Size

803KB
Sample

240523-fkpqlsee29
MD5

69cbd4cb96ffb4dd3b5f5c64499bad41
SHA1

4310f024f1e75b9e56a9adc8a6edd5df327b07b1
SHA256

753b8eead04d23f5a90ad1a7fab5f55b3f2282bd20a8d3672248a40618b5f907
SHA512

364f9a7a056a920179a94e2c9f4224caa29028406af60cc8ae18983bf4bcb68e9adcdea43982f638273941d3c549f71bd614538c7296602f73e6d6e161363985
SSDEEP

12288:H8iTNrwRON09gVDwgRDtLfEK/DS0dM4+OJgZMPJIVofE3bAgF6cWkBZon4zBedQ:H4tg9eK/88JUo8bF69kBS4zBedQ

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  69cbd4cb96ffb4dd3b5f5c64499bad41_JaffaCakes118
- Size
  
  803KB
- MD5
  
  69cbd4cb96ffb4dd3b5f5c64499bad41
- SHA1
  
  4310f024f1e75b9e56a9adc8a6edd5df327b07b1
- SHA256
  
  753b8eead04d23f5a90ad1a7fab5f55b3f2282bd20a8d3672248a40618b5f907
- SHA512
  
  364f9a7a056a920179a94e2c9f4224caa29028406af60cc8ae18983bf4bcb68e9adcdea43982f638273941d3c549f71bd614538c7296602f73e6d6e161363985
- SSDEEP
  
  12288:H8iTNrwRON09gVDwgRDtLfEK/DS0dM4+OJgZMPJIVofE3bAgF6cWkBZon4zBedQ:H4tg9eK/88JUo8bF69kBS4zBedQ
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan