0440daaf94887d63921461fdee5469a23a14eea6c378fb2d530c7e0de6a7d64c | Triage

Sharing

General

Target

af0875aa99231fe800b2ada49ebea450_JaffaCakes118
Size

822KB
Sample

240615-sllrkavekb
MD5

af0875aa99231fe800b2ada49ebea450
SHA1

8cb7467e70100400048f6d6d4fafd5adfa9548dd
SHA256

0440daaf94887d63921461fdee5469a23a14eea6c378fb2d530c7e0de6a7d64c
SHA512

000df14e7372bd4a22eb664d968eeb6b053cea9627fce235e6c07d4633b073d85062db33ee818e267144ae1a0974d9e979ac0befa1fbee471569cc277c23b4e7
SSDEEP

24576:z/1fPXonOleL/luajPHn4WYTs6pgNcFKh8:z/1XkdRYWiLgus8

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  af0875aa99231fe800b2ada49ebea450_JaffaCakes118
- Size
  
  822KB
- MD5
  
  af0875aa99231fe800b2ada49ebea450
- SHA1
  
  8cb7467e70100400048f6d6d4fafd5adfa9548dd
- SHA256
  
  0440daaf94887d63921461fdee5469a23a14eea6c378fb2d530c7e0de6a7d64c
- SHA512
  
  000df14e7372bd4a22eb664d968eeb6b053cea9627fce235e6c07d4633b073d85062db33ee818e267144ae1a0974d9e979ac0befa1fbee471569cc277c23b4e7
- SSDEEP
  
  24576:z/1fPXonOleL/luajPHn4WYTs6pgNcFKh8:z/1XkdRYWiLgus8
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan