66e9b4e1ce4e727ac7bc4874fa383fd67ec6135de1812086b06eda372b3b3f1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7394d283dbcf17318229da93ba51d1ef_JaffaCakes118
Size

703KB
Sample

240525-3ayxvseh25
MD5

7394d283dbcf17318229da93ba51d1ef
SHA1

5d19eeb5ec6a152315bed7d366e1da768ce48bbd
SHA256

66e9b4e1ce4e727ac7bc4874fa383fd67ec6135de1812086b06eda372b3b3f1c
SHA512

84c8bfc430f07741c6b141700008db0dc9158f25d7891a836cf028255ec8b579dc3e28796b1c5c3c7629c28d797e5011463191799c005dd30c0957f1277aecb8
SSDEEP

12288:IviyjlMsGhLqVjJ/gaTbiO/7hlS85TMalRU24LJgyo/30pFfhdC24Wi:sYLqv/gaTbisSqrQL6yoQfhdC24Wi

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  7394d283dbcf17318229da93ba51d1ef_JaffaCakes118
- Size
  
  703KB
- MD5
  
  7394d283dbcf17318229da93ba51d1ef
- SHA1
  
  5d19eeb5ec6a152315bed7d366e1da768ce48bbd
- SHA256
  
  66e9b4e1ce4e727ac7bc4874fa383fd67ec6135de1812086b06eda372b3b3f1c
- SHA512
  
  84c8bfc430f07741c6b141700008db0dc9158f25d7891a836cf028255ec8b579dc3e28796b1c5c3c7629c28d797e5011463191799c005dd30c0957f1277aecb8
- SSDEEP
  
  12288:IviyjlMsGhLqVjJ/gaTbiO/7hlS85TMalRU24LJgyo/30pFfhdC24Wi:sYLqv/gaTbisSqrQL6yoQfhdC24Wi
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan