9384e382a34d87c2580f7a32880db0e86d1560b81ad5462cd6ae0e36a3bfe7e7 | Triage

Sharing

General

Target

7bdc7c7308d38d48b7520431bb1cd466_JaffaCakes118
Size

876KB
Sample

240528-f6ht7ahb42
MD5

7bdc7c7308d38d48b7520431bb1cd466
SHA1

f0c2767ca8163faa71bd4b9f47dcdc9806832e81
SHA256

9384e382a34d87c2580f7a32880db0e86d1560b81ad5462cd6ae0e36a3bfe7e7
SHA512

3c00f0dfdbdf08fc044335b2445e161160cb74dfe200022f5623d4d08ae2407f2f625bd28caf5b81e6c1400e1c68eae7090c6c860ff142fb363c4ad17f7a2a50
SSDEEP

24576:GtJvgaFyxTHxewmnqAxYwMDvUdgtVHvZ+vzSkc63:GTvlFcHxewizxY+gjHvZ4Dj3

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  7bdc7c7308d38d48b7520431bb1cd466_JaffaCakes118
- Size
  
  876KB
- MD5
  
  7bdc7c7308d38d48b7520431bb1cd466
- SHA1
  
  f0c2767ca8163faa71bd4b9f47dcdc9806832e81
- SHA256
  
  9384e382a34d87c2580f7a32880db0e86d1560b81ad5462cd6ae0e36a3bfe7e7
- SHA512
  
  3c00f0dfdbdf08fc044335b2445e161160cb74dfe200022f5623d4d08ae2407f2f625bd28caf5b81e6c1400e1c68eae7090c6c860ff142fb363c4ad17f7a2a50
- SSDEEP
  
  24576:GtJvgaFyxTHxewmnqAxYwMDvUdgtVHvZ+vzSkc63:GTvlFcHxewizxY+gjHvZ4Dj3
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2