11cea36590d6cffaf2c6f7e9f96632a4e26715cc38848f41b3c68fff90e89a54 | Triage

Sharing

General

Target

9ec72c56af0db898a40cefaaf342b558_JaffaCakes118
Size

874KB
Sample

240611-tr9k9atcnj
MD5

9ec72c56af0db898a40cefaaf342b558
SHA1

3579f9c56acb2c17a73c9a1e03b9159222690e19
SHA256

11cea36590d6cffaf2c6f7e9f96632a4e26715cc38848f41b3c68fff90e89a54
SHA512

74e0416a0c0e400d4eef81da315e1994171fb611d79f676626ef115c9a27895d503e733401677f86e008a2d8618dcbbb3069282c51fa43f7d4b4bf32af2f6675
SSDEEP

24576:DuAH9cxJbaCslGqd/dyaPKDX5GRSj9W39o3YhNk:BCxlDGNdkak9j9W3SIrk

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  9ec72c56af0db898a40cefaaf342b558_JaffaCakes118
- Size
  
  874KB
- MD5
  
  9ec72c56af0db898a40cefaaf342b558
- SHA1
  
  3579f9c56acb2c17a73c9a1e03b9159222690e19
- SHA256
  
  11cea36590d6cffaf2c6f7e9f96632a4e26715cc38848f41b3c68fff90e89a54
- SHA512
  
  74e0416a0c0e400d4eef81da315e1994171fb611d79f676626ef115c9a27895d503e733401677f86e008a2d8618dcbbb3069282c51fa43f7d4b4bf32af2f6675
- SSDEEP
  
  24576:DuAH9cxJbaCslGqd/dyaPKDX5GRSj9W39o3YhNk:BCxlDGNdkak9j9W3SIrk
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2