4b9dcb8667faec765db704ed08ffd38eb1652d0b115e7dd54fb3d56fef778c18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a352b639252450c9064dbf1607daed29_JaffaCakes118
Size

893KB
Sample

240613-bms4layelh
MD5

a352b639252450c9064dbf1607daed29
SHA1

2abeadc2e8db32845188a05850144117ecda1830
SHA256

4b9dcb8667faec765db704ed08ffd38eb1652d0b115e7dd54fb3d56fef778c18
SHA512

1b43ae17fa92fdacafd303ced17b021be2a892493bffb811e1d8daaff9e21417a038ac002b5062f093f62ff7e61a1437f1a23f139da067a8bf1d2fca7ba0dfe0
SSDEEP

24576:5aNHYRPz0nHGk4Mg/zDSXAPV9bPH8Zo0BNowsFO:5aORPziHGk4vrDfz/mo0BqwuO

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a352b639252450c9064dbf1607daed29_JaffaCakes118
- Size
  
  893KB
- MD5
  
  a352b639252450c9064dbf1607daed29
- SHA1
  
  2abeadc2e8db32845188a05850144117ecda1830
- SHA256
  
  4b9dcb8667faec765db704ed08ffd38eb1652d0b115e7dd54fb3d56fef778c18
- SHA512
  
  1b43ae17fa92fdacafd303ced17b021be2a892493bffb811e1d8daaff9e21417a038ac002b5062f093f62ff7e61a1437f1a23f139da067a8bf1d2fca7ba0dfe0
- SSDEEP
  
  24576:5aNHYRPz0nHGk4Mg/zDSXAPV9bPH8Zo0BNowsFO:5aORPziHGk4vrDfz/mo0BqwuO
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2