a4c66f420d35b01f20dfb9c846b8b9e81084d7e5f8c2e7b9559a4ff425a579ba | Triage

Sharing

General

Target

6a5ba5817a6874aeb620647bd9eba760_JaffaCakes118
Size

886KB
Sample

240523-kg29raah7y
MD5

6a5ba5817a6874aeb620647bd9eba760
SHA1

8750a1add794ce716fda0e0f300b11b460a27635
SHA256

a4c66f420d35b01f20dfb9c846b8b9e81084d7e5f8c2e7b9559a4ff425a579ba
SHA512

9119de64ed3ec5877169abba1cf1c6817a1de0cad4e8ae8ff4fcccec05ad044b5b70f9f365208e42e6e34342404f8a34b1835b9b7a5ca473dbbd039d13734027
SSDEEP

24576:oZz5ODkFIQqG7Ceafhts83DmWov2LMPBDR:oZz5OoF0GLfbv2QPJR

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6a5ba5817a6874aeb620647bd9eba760_JaffaCakes118
- Size
  
  886KB
- MD5
  
  6a5ba5817a6874aeb620647bd9eba760
- SHA1
  
  8750a1add794ce716fda0e0f300b11b460a27635
- SHA256
  
  a4c66f420d35b01f20dfb9c846b8b9e81084d7e5f8c2e7b9559a4ff425a579ba
- SHA512
  
  9119de64ed3ec5877169abba1cf1c6817a1de0cad4e8ae8ff4fcccec05ad044b5b70f9f365208e42e6e34342404f8a34b1835b9b7a5ca473dbbd039d13734027
- SSDEEP
  
  24576:oZz5ODkFIQqG7Ceafhts83DmWov2LMPBDR:oZz5OoF0GLfbv2QPJR
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2