6205073cda30c35f3bdce40295b08ddd0d578bd13759ce565b7276040bf868e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

841477216c6c01c4e42980c2e6b107f4_JaffaCakes118
Size

820KB
Sample

240530-nm16esgf63
MD5

841477216c6c01c4e42980c2e6b107f4
SHA1

227b7cff4c05a0eb49d4a7ee8ac89118c3dce35f
SHA256

6205073cda30c35f3bdce40295b08ddd0d578bd13759ce565b7276040bf868e3
SHA512

e33a53c5e46fc1c7e31318eb0f06ffcbc6811dc2ff19d2ea59775d34f6127985395eed3f6a0dc378b839fa112834ac2af6758a8e5c795cb0f40c73230ae2615a
SSDEEP

24576:ptySLbw4+kpGEpGoP6s/afddiELd72OGRLq:pM0J+eGEkoXGtLgt9q

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  841477216c6c01c4e42980c2e6b107f4_JaffaCakes118
- Size
  
  820KB
- MD5
  
  841477216c6c01c4e42980c2e6b107f4
- SHA1
  
  227b7cff4c05a0eb49d4a7ee8ac89118c3dce35f
- SHA256
  
  6205073cda30c35f3bdce40295b08ddd0d578bd13759ce565b7276040bf868e3
- SHA512
  
  e33a53c5e46fc1c7e31318eb0f06ffcbc6811dc2ff19d2ea59775d34f6127985395eed3f6a0dc378b839fa112834ac2af6758a8e5c795cb0f40c73230ae2615a
- SSDEEP
  
  24576:ptySLbw4+kpGEpGoP6s/afddiELd72OGRLq:pM0J+eGEkoXGtLgt9q
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan