341f132bac265641b553fd46cd999564f78de0aa3f851bb086773b19ffa70c1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2a6ba06ab39491b90c6040521ccba2a_JaffaCakes118
Size

810KB
Sample

240612-16xcsswfkj
MD5

a2a6ba06ab39491b90c6040521ccba2a
SHA1

17b3b49e8dcac63dcc1ed90b2b9dca18cbaeb206
SHA256

341f132bac265641b553fd46cd999564f78de0aa3f851bb086773b19ffa70c1f
SHA512

c80ed5ce942363f76d54f680928b50cfaf03500e1db38681a8f90cf4a22d6445607a5e0f1b29d272853878b2a93c3dece872f56e9a9be5f0813548b5fa3447e5
SSDEEP

24576:tt/SLFzgpyImlDVU8yBuBuw/WN06f9NCcZtT:th0Fz5FlG8yBOWN3HF3T

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a2a6ba06ab39491b90c6040521ccba2a_JaffaCakes118
- Size
  
  810KB
- MD5
  
  a2a6ba06ab39491b90c6040521ccba2a
- SHA1
  
  17b3b49e8dcac63dcc1ed90b2b9dca18cbaeb206
- SHA256
  
  341f132bac265641b553fd46cd999564f78de0aa3f851bb086773b19ffa70c1f
- SHA512
  
  c80ed5ce942363f76d54f680928b50cfaf03500e1db38681a8f90cf4a22d6445607a5e0f1b29d272853878b2a93c3dece872f56e9a9be5f0813548b5fa3447e5
- SSDEEP
  
  24576:tt/SLFzgpyImlDVU8yBuBuw/WN06f9NCcZtT:th0Fz5FlG8yBOWN3HF3T
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan