2532d683a1eee96e95f896a9e37ca15e476e46203bb60a7d57605a59b8646455 | Triage

Sharing

General

Target

6e3a3d96f71802018470ca8177a5d5ee_JaffaCakes118
Size

852KB
Sample

240524-mqgeraea77
MD5

6e3a3d96f71802018470ca8177a5d5ee
SHA1

ace1a26d930508b6d3f36430231226f1fc97bcc0
SHA256

2532d683a1eee96e95f896a9e37ca15e476e46203bb60a7d57605a59b8646455
SHA512

be3f27af27cffabc0e3b35d2202247d33149d24a4d1a8e31dece44442011cd5e9feb73a3a76ea1e6163d841331d67805ecd1c07048f24083c8c3530aff4a3f90
SSDEEP

24576:pJVL0EKEy2oAarOkK7zo1p0H9ATxEDP40wQKx1ca:pJl0EK2IOlY0H9hP40Txa

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6e3a3d96f71802018470ca8177a5d5ee_JaffaCakes118
- Size
  
  852KB
- MD5
  
  6e3a3d96f71802018470ca8177a5d5ee
- SHA1
  
  ace1a26d930508b6d3f36430231226f1fc97bcc0
- SHA256
  
  2532d683a1eee96e95f896a9e37ca15e476e46203bb60a7d57605a59b8646455
- SHA512
  
  be3f27af27cffabc0e3b35d2202247d33149d24a4d1a8e31dece44442011cd5e9feb73a3a76ea1e6163d841331d67805ecd1c07048f24083c8c3530aff4a3f90
- SSDEEP
  
  24576:pJVL0EKEy2oAarOkK7zo1p0H9ATxEDP40wQKx1ca:pJl0EK2IOlY0H9hP40Txa
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan