faee3bc7c0101c5cc99722f3b0c853206d88692606fd422b0a8188d99fe266a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e0ee9ed6ed341dff606ed87b5bdfcad_JaffaCakes118
Size

852KB
Sample

240611-nvdebswdln
MD5

9e0ee9ed6ed341dff606ed87b5bdfcad
SHA1

c38f5a6219bb3fd55bd90779c86cf3745d991144
SHA256

faee3bc7c0101c5cc99722f3b0c853206d88692606fd422b0a8188d99fe266a9
SHA512

91a4ec546e0c5fa4925a992a46b60885daf53c7a91800ea53426b1a9b8fb5a704a83dade6d33abdd21b9f4a452d0abf9d74d30e642d4cb0978ac05e2610bd042
SSDEEP

24576:eJVL0liEy24V0t0tmevWYe5lzSgHEFGJK3lIcu:eJl0liTVrtxOYeX5kFM8u

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  9e0ee9ed6ed341dff606ed87b5bdfcad_JaffaCakes118
- Size
  
  852KB
- MD5
  
  9e0ee9ed6ed341dff606ed87b5bdfcad
- SHA1
  
  c38f5a6219bb3fd55bd90779c86cf3745d991144
- SHA256
  
  faee3bc7c0101c5cc99722f3b0c853206d88692606fd422b0a8188d99fe266a9
- SHA512
  
  91a4ec546e0c5fa4925a992a46b60885daf53c7a91800ea53426b1a9b8fb5a704a83dade6d33abdd21b9f4a452d0abf9d74d30e642d4cb0978ac05e2610bd042
- SSDEEP
  
  24576:eJVL0liEy24V0t0tmevWYe5lzSgHEFGJK3lIcu:eJl0liTVrtxOYeX5kFM8u
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan