82ff6fa9f3cc39372a6b9bba9aa2697c25eb360087f89295e8c189073a79426a | Triage

Sharing

General

Target

6d224b32d4c7ce13cd41936dbbe1e53c_JaffaCakes118
Size

810KB
Sample

240524-djt8laah2t
MD5

6d224b32d4c7ce13cd41936dbbe1e53c
SHA1

2f173501bc3e9e080995acc7b2419dfb7e2a5fff
SHA256

82ff6fa9f3cc39372a6b9bba9aa2697c25eb360087f89295e8c189073a79426a
SHA512

b411c07be6f165bb7e60b1735fdc2b7161035d632f8eec8ef0da353adbf2da4211c6233ed713dcf1610c7aeffc22f6b0f19d8584422c8f35e2059a0516634fbb
SSDEEP

24576:+J0IBbRzdoHWu9TSEAuFxAnyCwkHSGQY8i7I:u08FqHNTAuFqyr0aSI

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6d224b32d4c7ce13cd41936dbbe1e53c_JaffaCakes118
- Size
  
  810KB
- MD5
  
  6d224b32d4c7ce13cd41936dbbe1e53c
- SHA1
  
  2f173501bc3e9e080995acc7b2419dfb7e2a5fff
- SHA256
  
  82ff6fa9f3cc39372a6b9bba9aa2697c25eb360087f89295e8c189073a79426a
- SHA512
  
  b411c07be6f165bb7e60b1735fdc2b7161035d632f8eec8ef0da353adbf2da4211c6233ed713dcf1610c7aeffc22f6b0f19d8584422c8f35e2059a0516634fbb
- SSDEEP
  
  24576:+J0IBbRzdoHWu9TSEAuFxAnyCwkHSGQY8i7I:u08FqHNTAuFqyr0aSI
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan