be6720a2832be7e35f086e58442adf576dc8113e2f5426ca391afeaf5817d960 | Triage

Sharing

General

Target

8827310f4f966bc27dd3b19d01172bfa_JaffaCakes118
Size

878KB
Sample

240531-yk4tmsbh77
MD5

8827310f4f966bc27dd3b19d01172bfa
SHA1

fae7519a696458f0141811a71a17f293505856ed
SHA256

be6720a2832be7e35f086e58442adf576dc8113e2f5426ca391afeaf5817d960
SHA512

82d6adb0804487fd4827e7a14922e8eb0514a0358b2593520524c1e07b355d4eea10bf2bd621bc0d19fd216c4ca5a04e90a0e55cd2cf4af2eabc305d4dbf5f3e
SSDEEP

24576:gnfjstByI3qphLWVoXHDcxHu82vCoiq6/HJzHN9f:gnfQfp3QhLHXHDc3KCNq6/pzrf

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  8827310f4f966bc27dd3b19d01172bfa_JaffaCakes118
- Size
  
  878KB
- MD5
  
  8827310f4f966bc27dd3b19d01172bfa
- SHA1
  
  fae7519a696458f0141811a71a17f293505856ed
- SHA256
  
  be6720a2832be7e35f086e58442adf576dc8113e2f5426ca391afeaf5817d960
- SHA512
  
  82d6adb0804487fd4827e7a14922e8eb0514a0358b2593520524c1e07b355d4eea10bf2bd621bc0d19fd216c4ca5a04e90a0e55cd2cf4af2eabc305d4dbf5f3e
- SSDEEP
  
  24576:gnfjstByI3qphLWVoXHDcxHu82vCoiq6/HJzHN9f:gnfQfp3QhLHXHDc3KCNq6/pzrf
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2