9032b840f0a4a63a141cf532c817fafbca88e5fec984cbc34f4ca8279d79b56e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

710be6b57c90583f7ade2f11113b4092_JaffaCakes118
Size

802KB
Sample

240525-gmpdasge6w
MD5

710be6b57c90583f7ade2f11113b4092
SHA1

2d6c0b201bc409642f91c06e3100c5a157e3a7fa
SHA256

9032b840f0a4a63a141cf532c817fafbca88e5fec984cbc34f4ca8279d79b56e
SHA512

d7c4422689eda2f74cb639145a3e89d6f5e4ec4d0c200a884e40ea73ecc2e34a56709a87644214aa33fde19e2b47e27b151f7fd6ebfbf02c615bd10ebcf3ee4b
SSDEEP

24576:SBRnBAUloxbsHXHmwIBPuwQ6O9wABZ/lqO7NU:SvnOUlols3lIBP1e9tQKU

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  710be6b57c90583f7ade2f11113b4092_JaffaCakes118
- Size
  
  802KB
- MD5
  
  710be6b57c90583f7ade2f11113b4092
- SHA1
  
  2d6c0b201bc409642f91c06e3100c5a157e3a7fa
- SHA256
  
  9032b840f0a4a63a141cf532c817fafbca88e5fec984cbc34f4ca8279d79b56e
- SHA512
  
  d7c4422689eda2f74cb639145a3e89d6f5e4ec4d0c200a884e40ea73ecc2e34a56709a87644214aa33fde19e2b47e27b151f7fd6ebfbf02c615bd10ebcf3ee4b
- SSDEEP
  
  24576:SBRnBAUloxbsHXHmwIBPuwQ6O9wABZ/lqO7NU:SvnOUlols3lIBP1e9tQKU
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan