e9b2b2232c51bf0cd0e251132002e594bd2eb1fb92d10f8dd6dcddbb8eae3893 | Triage

Sharing

General

Target

a267b914101f369e45a543f833309699_JaffaCakes118
Size

1.8MB
Sample

240612-z35dkathrp
MD5

a267b914101f369e45a543f833309699
SHA1

a348e843d9f31b1e8da2dd37a14beec69689b90e
SHA256

e9b2b2232c51bf0cd0e251132002e594bd2eb1fb92d10f8dd6dcddbb8eae3893
SHA512

6ab67c151c1a99973878c9218dd42a5b2a5b0e30a0b5c359616816a7e54b25ebf96bbcff589f0162440d2c142c501b3d7562a662bde991409bec09a3a73d12b7
SSDEEP

49152:9W3IDPx6lY6kWIaWu3neUZFQPWDvG96iv:9bMlY6kWfr3neUZOPWDo6iv

Score

6^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a267b914101f369e45a543f833309699_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  a267b914101f369e45a543f833309699
- SHA1
  
  a348e843d9f31b1e8da2dd37a14beec69689b90e
- SHA256
  
  e9b2b2232c51bf0cd0e251132002e594bd2eb1fb92d10f8dd6dcddbb8eae3893
- SHA512
  
  6ab67c151c1a99973878c9218dd42a5b2a5b0e30a0b5c359616816a7e54b25ebf96bbcff589f0162440d2c142c501b3d7562a662bde991409bec09a3a73d12b7
- SSDEEP
  
  49152:9W3IDPx6lY6kWIaWu3neUZFQPWDvG96iv:9bMlY6kWfr3neUZOPWDo6iv
Score

6^/10

evasion persistence trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan