28a495b963debed8c344a8c91cf17657b205b97356401892aac27171fba22e3e | Triage

Sharing

General

Target

6dd1674e382ec3ebbeb774b391b72d2e_JaffaCakes118
Size

855KB
Sample

240524-jvaafsae5x
MD5

6dd1674e382ec3ebbeb774b391b72d2e
SHA1

4cafaff8a39a9c1237684b4adb7a82b35e60da3c
SHA256

28a495b963debed8c344a8c91cf17657b205b97356401892aac27171fba22e3e
SHA512

a2b1c05c51efc4c0b52e2832c26f9a02e21034ba6d11845e3c7fcb1ea722bb2f1543ebb45db20005013e20f1ccd5fe9e2f8fdd1f6f04a7a54aa6748375c30adc
SSDEEP

24576:U4/aeNdewF/yOFrjm7lfrHS1QmNmVk1rNsd48:fdewZeJ7S1QLo8

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6dd1674e382ec3ebbeb774b391b72d2e_JaffaCakes118
- Size
  
  855KB
- MD5
  
  6dd1674e382ec3ebbeb774b391b72d2e
- SHA1
  
  4cafaff8a39a9c1237684b4adb7a82b35e60da3c
- SHA256
  
  28a495b963debed8c344a8c91cf17657b205b97356401892aac27171fba22e3e
- SHA512
  
  a2b1c05c51efc4c0b52e2832c26f9a02e21034ba6d11845e3c7fcb1ea722bb2f1543ebb45db20005013e20f1ccd5fe9e2f8fdd1f6f04a7a54aa6748375c30adc
- SSDEEP
  
  24576:U4/aeNdewF/yOFrjm7lfrHS1QmNmVk1rNsd48:fdewZeJ7S1QLo8
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan