347d5b1d367f598b3d2802b4ced919e8f2d2f699e97bc21c22a2954692c86e53 | Triage

Sharing

General

Target

6d4ff108eb8c6578df03bfd6532d5ea9_JaffaCakes118
Size

1.2MB
Sample

240524-ew4s8sch68
MD5

6d4ff108eb8c6578df03bfd6532d5ea9
SHA1

3039267207ca2decac8224591d0c080696cf34a5
SHA256

347d5b1d367f598b3d2802b4ced919e8f2d2f699e97bc21c22a2954692c86e53
SHA512

74e46f570ad3236faa4620f019d3b1004a12f731c506d273d3860a372ae5f91c8def02183380e5da649a9b5899f14964d95cd526071f924b04dd8774686be931
SSDEEP

24576:QuZVCjKvNDc4GrZrvOPagNsAw1BQf5OXkviXRNBza:QuZVCjKvNgrZrKagSp1o59SN

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6d4ff108eb8c6578df03bfd6532d5ea9_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  6d4ff108eb8c6578df03bfd6532d5ea9
- SHA1
  
  3039267207ca2decac8224591d0c080696cf34a5
- SHA256
  
  347d5b1d367f598b3d2802b4ced919e8f2d2f699e97bc21c22a2954692c86e53
- SHA512
  
  74e46f570ad3236faa4620f019d3b1004a12f731c506d273d3860a372ae5f91c8def02183380e5da649a9b5899f14964d95cd526071f924b04dd8774686be931
- SSDEEP
  
  24576:QuZVCjKvNDc4GrZrvOPagNsAw1BQf5OXkviXRNBza:QuZVCjKvNgrZrKagSp1o59SN
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan