8001004f44d2bb185d7f1c3a50d9ebcf2b0259a15c4705d6f14a4361ff0a7bfa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a28b4047ddc4b8f0c1fde440b1b48d24_JaffaCakes118
Size

806KB
Sample

240612-1nvq9avhkm
MD5

a28b4047ddc4b8f0c1fde440b1b48d24
SHA1

33176a0a3fb0439bb0117ff0a2c7b7d591a46b6d
SHA256

8001004f44d2bb185d7f1c3a50d9ebcf2b0259a15c4705d6f14a4361ff0a7bfa
SHA512

df10911f9576a3802afe998db3c21bf578ea1e445cdedb6add55b08e430160a16fc7bd5de83a36a4f94b35e9062a13245be0557b7eae966cec39f5b4477d42ca
SSDEEP

24576:fg7msXPNusX3Iffg3iUUQqriDjg8RLsrjc+5:fg7D1uyX3zqriA35

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a28b4047ddc4b8f0c1fde440b1b48d24_JaffaCakes118
- Size
  
  806KB
- MD5
  
  a28b4047ddc4b8f0c1fde440b1b48d24
- SHA1
  
  33176a0a3fb0439bb0117ff0a2c7b7d591a46b6d
- SHA256
  
  8001004f44d2bb185d7f1c3a50d9ebcf2b0259a15c4705d6f14a4361ff0a7bfa
- SHA512
  
  df10911f9576a3802afe998db3c21bf578ea1e445cdedb6add55b08e430160a16fc7bd5de83a36a4f94b35e9062a13245be0557b7eae966cec39f5b4477d42ca
- SSDEEP
  
  24576:fg7msXPNusX3Iffg3iUUQqriDjg8RLsrjc+5:fg7D1uyX3zqriA35
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan