cc5a43ccd15964d40819901884db3377b5809317e9702a8a195d0c75495bef8d | Triage

Sharing

General

Target

c12e7a17ab9fb0b2846304fbc977ce61_JaffaCakes118
Size

887KB
Sample

240825-vhn4mavamc
MD5

c12e7a17ab9fb0b2846304fbc977ce61
SHA1

424fefc2012bc971eabe8aeef7c9d917a0f10eb9
SHA256

cc5a43ccd15964d40819901884db3377b5809317e9702a8a195d0c75495bef8d
SHA512

69a5f02dda2d92a49b99cc1569dca282a06214e13f5669d37b14b29dc6cadd3acdc65b3645b7e7938f8e97eba9257057c346b821d00dd033d10a14bd78a3622c
SSDEEP

24576:+JEhE/3F8BUlTR7ZtQNoKgMYLtp5XZtMS2HT:+WhE3FRtPQfZYJJtiT

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  c12e7a17ab9fb0b2846304fbc977ce61_JaffaCakes118
- Size
  
  887KB
- MD5
  
  c12e7a17ab9fb0b2846304fbc977ce61
- SHA1
  
  424fefc2012bc971eabe8aeef7c9d917a0f10eb9
- SHA256
  
  cc5a43ccd15964d40819901884db3377b5809317e9702a8a195d0c75495bef8d
- SHA512
  
  69a5f02dda2d92a49b99cc1569dca282a06214e13f5669d37b14b29dc6cadd3acdc65b3645b7e7938f8e97eba9257057c346b821d00dd033d10a14bd78a3622c
- SSDEEP
  
  24576:+JEhE/3F8BUlTR7ZtQNoKgMYLtp5XZtMS2HT:+WhE3FRtPQfZYJJtiT
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2