ba30e5ada2c3da88d1264dda12417b1479070b179e41a480d777d678a993697e | Triage

Sharing

General

Target

6a4ee4311a5b6a2852fb49a09075276b_JaffaCakes118
Size

703KB
Sample

240523-j44wesae22
MD5

6a4ee4311a5b6a2852fb49a09075276b
SHA1

d3e4686dc36647988c617ff98f67eec2d9df9ed0
SHA256

ba30e5ada2c3da88d1264dda12417b1479070b179e41a480d777d678a993697e
SHA512

2a7ad6815eb15a2073eaefcfeaa50da491c3a83a69da971ae9a8fa3ab4bd25e4fdc61cef88ea27495b49ee2e4744ddda269784118c8931ccf9bebf65cf9564ef
SSDEEP

12288:BviyjlMsGhLqVjJ/gaTbiO/7hlS85TMalRU24LJgyo/30pFfhdC24W4:dYLqv/gaTbisSqrQL6yoQfhdC24W4

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6a4ee4311a5b6a2852fb49a09075276b_JaffaCakes118
- Size
  
  703KB
- MD5
  
  6a4ee4311a5b6a2852fb49a09075276b
- SHA1
  
  d3e4686dc36647988c617ff98f67eec2d9df9ed0
- SHA256
  
  ba30e5ada2c3da88d1264dda12417b1479070b179e41a480d777d678a993697e
- SHA512
  
  2a7ad6815eb15a2073eaefcfeaa50da491c3a83a69da971ae9a8fa3ab4bd25e4fdc61cef88ea27495b49ee2e4744ddda269784118c8931ccf9bebf65cf9564ef
- SSDEEP
  
  12288:BviyjlMsGhLqVjJ/gaTbiO/7hlS85TMalRU24LJgyo/30pFfhdC24W4:dYLqv/gaTbisSqrQL6yoQfhdC24W4
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan