4883d21ff1b977f2dea9bd22994ab92b58e389f808c68cd6def5e7f817580542 | Triage

Sharing

General

Target

8d8d9adcdc5734ce9175b69bbad780a2_JaffaCakes118
Size

818KB
Sample

240602-k1s57agg2t
MD5

8d8d9adcdc5734ce9175b69bbad780a2
SHA1

3e91233dd05f62a9ec47ae3e54508d8b6b2f9386
SHA256

4883d21ff1b977f2dea9bd22994ab92b58e389f808c68cd6def5e7f817580542
SHA512

5f04fb00be6c7fba658158dbd6b8e4eefa7da62e517ad88e5737c6e66254c2d37bc3e370bf9ddd981fcb4f8177aa21c9135f1556792bc7407a3fa4443c711b96
SSDEEP

12288:neuWG0aOJ8jMS497mQVCsceYGDXujSyT4XHMFcSmNUsDsLKcyA6OdAl6215Nm4Dz:eubI71cMXu244XHB7BYLdcN/Oxnizf

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  8d8d9adcdc5734ce9175b69bbad780a2_JaffaCakes118
- Size
  
  818KB
- MD5
  
  8d8d9adcdc5734ce9175b69bbad780a2
- SHA1
  
  3e91233dd05f62a9ec47ae3e54508d8b6b2f9386
- SHA256
  
  4883d21ff1b977f2dea9bd22994ab92b58e389f808c68cd6def5e7f817580542
- SHA512
  
  5f04fb00be6c7fba658158dbd6b8e4eefa7da62e517ad88e5737c6e66254c2d37bc3e370bf9ddd981fcb4f8177aa21c9135f1556792bc7407a3fa4443c711b96
- SSDEEP
  
  12288:neuWG0aOJ8jMS497mQVCsceYGDXujSyT4XHMFcSmNUsDsLKcyA6OdAl6215Nm4Dz:eubI71cMXu244XHB7BYLdcN/Oxnizf
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan