28cb3aa9939ae0712c08c457f9e03529c316c18359b9fffcf9d46bff00abd22f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94c186a49e0741ddfe1d6fd22518b39a_JaffaCakes118
Size

1.2MB
Sample

240604-n5a2ysfh23
MD5

94c186a49e0741ddfe1d6fd22518b39a
SHA1

fdcdbd8b8cf8d8c41bf3958272aea980c6083691
SHA256

28cb3aa9939ae0712c08c457f9e03529c316c18359b9fffcf9d46bff00abd22f
SHA512

cd40799b6e46484f166a3f7d8595ba6057b7b9f7c016da74cd574c1a10aebd53765cb5eb64e6cf7fb20984a2f043d839efeceb7860d610d3804783de9b19773b
SSDEEP

24576:6Po9hei+gGEYy2gQsPuIMGZksjDKe1i+5A03fc13A:P9x+zEY8LuI7ks/KSm0kW

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  94c186a49e0741ddfe1d6fd22518b39a_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  94c186a49e0741ddfe1d6fd22518b39a
- SHA1
  
  fdcdbd8b8cf8d8c41bf3958272aea980c6083691
- SHA256
  
  28cb3aa9939ae0712c08c457f9e03529c316c18359b9fffcf9d46bff00abd22f
- SHA512
  
  cd40799b6e46484f166a3f7d8595ba6057b7b9f7c016da74cd574c1a10aebd53765cb5eb64e6cf7fb20984a2f043d839efeceb7860d610d3804783de9b19773b
- SSDEEP
  
  24576:6Po9hei+gGEYy2gQsPuIMGZksjDKe1i+5A03fc13A:P9x+zEY8LuI7ks/KSm0kW
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan