33075df26e9ba0c7fb42f998d0d18a6479cb461c9501b7ae059bcb792c4b85c8 | Triage

Sharing

General

Target

8dc0617b2aaca5d1a0c8c3bcb9ceefbd_JaffaCakes118
Size

697KB
Sample

240602-mgb4nsad2z
MD5

8dc0617b2aaca5d1a0c8c3bcb9ceefbd
SHA1

f5e380712354ffe967486df43d7d8757844db716
SHA256

33075df26e9ba0c7fb42f998d0d18a6479cb461c9501b7ae059bcb792c4b85c8
SHA512

fecda6d10ca06a5fa2cb9294cb11953c020f655bd6d8e817a90b8fbaacd3fb0e89659f795f693a187765d462a6f10b726b3373f342f803c1cf715d128b7f9519
SSDEEP

12288:0g3A1v7TFZVjluClJK9/XUpJSphSa9pPt8ITSU9Slhk8Wk3RNA0uE:0gOu1XUpahSQK1RhhROE

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  8dc0617b2aaca5d1a0c8c3bcb9ceefbd_JaffaCakes118
- Size
  
  697KB
- MD5
  
  8dc0617b2aaca5d1a0c8c3bcb9ceefbd
- SHA1
  
  f5e380712354ffe967486df43d7d8757844db716
- SHA256
  
  33075df26e9ba0c7fb42f998d0d18a6479cb461c9501b7ae059bcb792c4b85c8
- SHA512
  
  fecda6d10ca06a5fa2cb9294cb11953c020f655bd6d8e817a90b8fbaacd3fb0e89659f795f693a187765d462a6f10b726b3373f342f803c1cf715d128b7f9519
- SSDEEP
  
  12288:0g3A1v7TFZVjluClJK9/XUpJSphSa9pPt8ITSU9Slhk8Wk3RNA0uE:0gOu1XUpahSQK1RhhROE
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan