ea135a279a6e051ab5b925a9b97bee827f528f7e5c3d5ce0467b703d9d582295 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2db709bd25acad340f4706333b6988b_JaffaCakes118
Size

877KB
Sample

240612-244vjavaqc
MD5

a2db709bd25acad340f4706333b6988b
SHA1

0ab656709905a53c57db2bdd83ba16fbb410e563
SHA256

ea135a279a6e051ab5b925a9b97bee827f528f7e5c3d5ce0467b703d9d582295
SHA512

34861216d2cc3de2eaff18a614c9b56cbee59461cd100f81de80b44451e3fa17bff71db08f7ea216d16d1c40cc12c1e813645db46681bbaf6a3bc1c99a44f04f
SSDEEP

12288:t7FUzZpO2Yij2qW3L8PS5P1jdJkUffbc90ZFnHuzvAHg+RZfNfgnRR5E:tYLRlW3L8gVdHffi8FHauf9a5E

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a2db709bd25acad340f4706333b6988b_JaffaCakes118
- Size
  
  877KB
- MD5
  
  a2db709bd25acad340f4706333b6988b
- SHA1
  
  0ab656709905a53c57db2bdd83ba16fbb410e563
- SHA256
  
  ea135a279a6e051ab5b925a9b97bee827f528f7e5c3d5ce0467b703d9d582295
- SHA512
  
  34861216d2cc3de2eaff18a614c9b56cbee59461cd100f81de80b44451e3fa17bff71db08f7ea216d16d1c40cc12c1e813645db46681bbaf6a3bc1c99a44f04f
- SSDEEP
  
  12288:t7FUzZpO2Yij2qW3L8PS5P1jdJkUffbc90ZFnHuzvAHg+RZfNfgnRR5E:tYLRlW3L8gVdHffi8FHauf9a5E
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2