49bcdd6a25f00b90a604ecac1c64a74d2d336056892b5d11b9806ffaff5d617d | Triage

Sharing

General

Target

6d29e41abdb10d8db8a24ed6f23020b7_JaffaCakes118
Size

817KB
Sample

240524-dtntkabb7v
MD5

6d29e41abdb10d8db8a24ed6f23020b7
SHA1

b22604b58c7b9f440dba66db1125a54fe91e6c18
SHA256

49bcdd6a25f00b90a604ecac1c64a74d2d336056892b5d11b9806ffaff5d617d
SHA512

8ee40e15c670455bd9109cda9bf42e90cd65f5f1f20914b73182b986cf619a2bfd95f8fa235cf3206f299a5ef94d7fa07a00aaea36a9fc78929d8f0559006392
SSDEEP

24576:y+jm/yz0jS/pcVp2qtVwnE3IfzC/8Q0ViJG2UfrLi:y+6dObSOYqm8WG2uXi

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6d29e41abdb10d8db8a24ed6f23020b7_JaffaCakes118
- Size
  
  817KB
- MD5
  
  6d29e41abdb10d8db8a24ed6f23020b7
- SHA1
  
  b22604b58c7b9f440dba66db1125a54fe91e6c18
- SHA256
  
  49bcdd6a25f00b90a604ecac1c64a74d2d336056892b5d11b9806ffaff5d617d
- SHA512
  
  8ee40e15c670455bd9109cda9bf42e90cd65f5f1f20914b73182b986cf619a2bfd95f8fa235cf3206f299a5ef94d7fa07a00aaea36a9fc78929d8f0559006392
- SSDEEP
  
  24576:y+jm/yz0jS/pcVp2qtVwnE3IfzC/8Q0ViJG2UfrLi:y+6dObSOYqm8WG2uXi
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan