db01b54c67192c26041e506b06c69218a1f0880b03f5c9d8e80f65195adcadfa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8378969fe27b46ed8ae3f8ac5b0a464_JaffaCakes118
Size

811KB
Sample

240829-ezvpqstcnh
MD5

c8378969fe27b46ed8ae3f8ac5b0a464
SHA1

c085a5151d56e22ea0dffe60685e490c23250bf6
SHA256

db01b54c67192c26041e506b06c69218a1f0880b03f5c9d8e80f65195adcadfa
SHA512

b0d7655b7e17d48240db5533d6c16bbca3639a1826c337b0877bb9c1eb9188b4c3eec4ff564a4867c4333b44a6867ade2619ecf9c565475dbb50e24444d8d3be
SSDEEP

12288:v7YEcP9tVlhPNsDwQBUviWZJ0hyGaFO17ntHsEMdRGR12vj4H5Ao0Y7pER:TYEwqwQBuZ6MunxMuej20EER

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  c8378969fe27b46ed8ae3f8ac5b0a464_JaffaCakes118
- Size
  
  811KB
- MD5
  
  c8378969fe27b46ed8ae3f8ac5b0a464
- SHA1
  
  c085a5151d56e22ea0dffe60685e490c23250bf6
- SHA256
  
  db01b54c67192c26041e506b06c69218a1f0880b03f5c9d8e80f65195adcadfa
- SHA512
  
  b0d7655b7e17d48240db5533d6c16bbca3639a1826c337b0877bb9c1eb9188b4c3eec4ff564a4867c4333b44a6867ade2619ecf9c565475dbb50e24444d8d3be
- SSDEEP
  
  12288:v7YEcP9tVlhPNsDwQBUviWZJ0hyGaFO17ntHsEMdRGR12vj4H5Ao0Y7pER:TYEwqwQBuZ6MunxMuej20EER
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan