17511d1d0f2d2f5038274b0d2fc8ef3058d4de229f1fa920f0b9bf6a1a939eb2 | Triage

Sharing

General

Target

b6b76a55205101ccc9ddb33a4632ac51_JaffaCakes118
Size

888KB
Sample

240617-ew7j5ayajj
MD5

b6b76a55205101ccc9ddb33a4632ac51
SHA1

f97deac664f7faf3a711ba8e23ef1fd970c32858
SHA256

17511d1d0f2d2f5038274b0d2fc8ef3058d4de229f1fa920f0b9bf6a1a939eb2
SHA512

4e216e76304bc760a7c6b10f9c765de574500938037cd42a694e0c51b56dee7041ea61dfc77f03557ce18279665823356c073e677f17ee49a49f4bf5d09594d4
SSDEEP

24576:cxycUnu+8mG7mTZsGoFqyywkcG5ljrSb3p:cMgmymTeT8LJ5ljqp

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b6b76a55205101ccc9ddb33a4632ac51_JaffaCakes118
- Size
  
  888KB
- MD5
  
  b6b76a55205101ccc9ddb33a4632ac51
- SHA1
  
  f97deac664f7faf3a711ba8e23ef1fd970c32858
- SHA256
  
  17511d1d0f2d2f5038274b0d2fc8ef3058d4de229f1fa920f0b9bf6a1a939eb2
- SHA512
  
  4e216e76304bc760a7c6b10f9c765de574500938037cd42a694e0c51b56dee7041ea61dfc77f03557ce18279665823356c073e677f17ee49a49f4bf5d09594d4
- SSDEEP
  
  24576:cxycUnu+8mG7mTZsGoFqyywkcG5ljrSb3p:cMgmymTeT8LJ5ljqp
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2