837507ff9f08dfb077d5c72d305984539a1e74e762768f6c1c8c22e481c587b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77011cf289793b060cc567a8909b0f2e_JaffaCakes118
Size

876KB
Sample

240526-2epz3sfd38
MD5

77011cf289793b060cc567a8909b0f2e
SHA1

68d04a2682f8f512698d1b61c8abbd8a34d3537e
SHA256

837507ff9f08dfb077d5c72d305984539a1e74e762768f6c1c8c22e481c587b3
SHA512

bddb4cbc7bf9beb444c1913f199b319aba43913f91aac487c25481888e9a681a8e76e08b0452b9248f1ba61fa444d2873f6facab5c3f995393f6ceeae17a30b8
SSDEEP

24576:BhP6o/EpuGB0pwahkydsqQigHkkllDPPgdi5GNao3YbF1yBkjfmz:BhP6WUuGpaZds0k0AZhbSz

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  77011cf289793b060cc567a8909b0f2e_JaffaCakes118
- Size
  
  876KB
- MD5
  
  77011cf289793b060cc567a8909b0f2e
- SHA1
  
  68d04a2682f8f512698d1b61c8abbd8a34d3537e
- SHA256
  
  837507ff9f08dfb077d5c72d305984539a1e74e762768f6c1c8c22e481c587b3
- SHA512
  
  bddb4cbc7bf9beb444c1913f199b319aba43913f91aac487c25481888e9a681a8e76e08b0452b9248f1ba61fa444d2873f6facab5c3f995393f6ceeae17a30b8
- SSDEEP
  
  24576:BhP6o/EpuGB0pwahkydsqQigHkkllDPPgdi5GNao3YbF1yBkjfmz:BhP6WUuGpaZds0k0AZhbSz
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2