6a48fbb46281be36db156e30498241cff15914e90d72e0d3012464c28b2f29f4 | Triage

Sharing

General

Target

8b61053d7b63c75c41e8c6bc7072f71c_JaffaCakes118
Size

833KB
Sample

240601-w83kdaca84
MD5

8b61053d7b63c75c41e8c6bc7072f71c
SHA1

f86d54b469351a4d2a4e73d4fcb0c3f57e981a73
SHA256

6a48fbb46281be36db156e30498241cff15914e90d72e0d3012464c28b2f29f4
SHA512

c5b7ebc879d9a3823c013858ab1cdc97677edafd71e63503334428d79b02d9c6389ae59d6322780bbde4ac9db5b742a01b1dc1115ebc152ee52f51ed05d8da36
SSDEEP

12288:1n1FsSR/3yS8IZ0Ruz8k2lW5ztAW3bsl3nLRjoTgxxpxD/5mmlxXG08g/V4NgrOf:1njsMT2oVQXLRaMxbcmlxXd8WieR5E

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  8b61053d7b63c75c41e8c6bc7072f71c_JaffaCakes118
- Size
  
  833KB
- MD5
  
  8b61053d7b63c75c41e8c6bc7072f71c
- SHA1
  
  f86d54b469351a4d2a4e73d4fcb0c3f57e981a73
- SHA256
  
  6a48fbb46281be36db156e30498241cff15914e90d72e0d3012464c28b2f29f4
- SHA512
  
  c5b7ebc879d9a3823c013858ab1cdc97677edafd71e63503334428d79b02d9c6389ae59d6322780bbde4ac9db5b742a01b1dc1115ebc152ee52f51ed05d8da36
- SSDEEP
  
  12288:1n1FsSR/3yS8IZ0Ruz8k2lW5ztAW3bsl3nLRjoTgxxpxD/5mmlxXG08g/V4NgrOf:1njsMT2oVQXLRaMxbcmlxXd8WieR5E
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan