a7b668a39f24bf62631c580fc05cec9febddf18c991e85e338e8291fadc17187 | Triage

Sharing

General

Target

b5eba2cad89c8c071e8ed3a78714b819_JaffaCakes118
Size

887KB
Sample

240617-akmy5avfmb
MD5

b5eba2cad89c8c071e8ed3a78714b819
SHA1

55b315b021d1afa420a771b3a0828b6dd276b29d
SHA256

a7b668a39f24bf62631c580fc05cec9febddf18c991e85e338e8291fadc17187
SHA512

7cf096c7a7a56a8662c452d3f64c3b989e991d23a9f2d51e9bb3170bfe12163d6747fcac45522155100a412b88c1313ab82aafac3189de830cfcd5215de64200
SSDEEP

12288:diIk+b28iSuUizJiKSyxn3pEgsFR3ri+5tGUcbolVQIhWMh9qNwwqMdMwVVt39OO:dOUnF5RbiCQNonQI33qNwwtMwVLq6/J9

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b5eba2cad89c8c071e8ed3a78714b819_JaffaCakes118
- Size
  
  887KB
- MD5
  
  b5eba2cad89c8c071e8ed3a78714b819
- SHA1
  
  55b315b021d1afa420a771b3a0828b6dd276b29d
- SHA256
  
  a7b668a39f24bf62631c580fc05cec9febddf18c991e85e338e8291fadc17187
- SHA512
  
  7cf096c7a7a56a8662c452d3f64c3b989e991d23a9f2d51e9bb3170bfe12163d6747fcac45522155100a412b88c1313ab82aafac3189de830cfcd5215de64200
- SSDEEP
  
  12288:diIk+b28iSuUizJiKSyxn3pEgsFR3ri+5tGUcbolVQIhWMh9qNwwqMdMwVVt39OO:dOUnF5RbiCQNonQI33qNwwtMwVLq6/J9
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2