f8ba7f34f8197bd898f6cd42088b8f7e5154a3371886a9fd5271a4489679b684 | Triage

Sharing

General

Target

9f2c4da47baa71e0b9664310c1d3b43e_JaffaCakes118
Size

830KB
Sample

240611-xa46zsxbql
MD5

9f2c4da47baa71e0b9664310c1d3b43e
SHA1

bb845a92a0d6b489e0b3df5f82ed54282f14769a
SHA256

f8ba7f34f8197bd898f6cd42088b8f7e5154a3371886a9fd5271a4489679b684
SHA512

df3e66ebf0af0e3f6baa0f44c251650623135c7bb2e7c5347e8e9e3c3d10bbe6d61f500de7e4b7db6a6b8518cb67bdf573ebfd69836edb95f932587851425e3b
SSDEEP

24576:MD62AYV5VQ/K6NtIyt7aASg1SFlQZ46rzYKlpk:v2AY92Dvtegyn4zrrk

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  9f2c4da47baa71e0b9664310c1d3b43e_JaffaCakes118
- Size
  
  830KB
- MD5
  
  9f2c4da47baa71e0b9664310c1d3b43e
- SHA1
  
  bb845a92a0d6b489e0b3df5f82ed54282f14769a
- SHA256
  
  f8ba7f34f8197bd898f6cd42088b8f7e5154a3371886a9fd5271a4489679b684
- SHA512
  
  df3e66ebf0af0e3f6baa0f44c251650623135c7bb2e7c5347e8e9e3c3d10bbe6d61f500de7e4b7db6a6b8518cb67bdf573ebfd69836edb95f932587851425e3b
- SSDEEP
  
  24576:MD62AYV5VQ/K6NtIyt7aASg1SFlQZ46rzYKlpk:v2AY92Dvtegyn4zrrk
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan