18f9a9b56cd76d31fa4e582b92302df4756a230a5c8eca07d2d8573780f785fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a99115c022337717e430ea77b8a6cc97_JaffaCakes118
Size

875KB
Sample

240614-n572pazdjg
MD5

a99115c022337717e430ea77b8a6cc97
SHA1

af68966f396368e26287b78b09ac5bc00df50dd5
SHA256

18f9a9b56cd76d31fa4e582b92302df4756a230a5c8eca07d2d8573780f785fa
SHA512

03b3b519dc109a8a68b8f2d03e26e08db01f1a61f1ece386c7b4a4875cebf36fc64c283f0dd216dfa883f01d8bd68f14690942b0475e744794240c399f981ab8
SSDEEP

12288:kLexZWxLBuOKcj8am+eUATzSKQhYLR9IAdULm6dWQB+D838l+3p5rpgQmL2xh/2M:Y5tmfTHoUN6dLqE55mi95cbCcbY

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a99115c022337717e430ea77b8a6cc97_JaffaCakes118
- Size
  
  875KB
- MD5
  
  a99115c022337717e430ea77b8a6cc97
- SHA1
  
  af68966f396368e26287b78b09ac5bc00df50dd5
- SHA256
  
  18f9a9b56cd76d31fa4e582b92302df4756a230a5c8eca07d2d8573780f785fa
- SHA512
  
  03b3b519dc109a8a68b8f2d03e26e08db01f1a61f1ece386c7b4a4875cebf36fc64c283f0dd216dfa883f01d8bd68f14690942b0475e744794240c399f981ab8
- SSDEEP
  
  12288:kLexZWxLBuOKcj8am+eUATzSKQhYLR9IAdULm6dWQB+D838l+3p5rpgQmL2xh/2M:Y5tmfTHoUN6dLqE55mi95cbCcbY
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2