26dab8d144ef3f37a7ef800a819c924c98ea5052222d8c3438b490dc369fd763 | Triage

Sharing

General

Target

d30b56d4919369b69192ca885f331ace_JaffaCakes118
Size

681KB
Sample

240907-3dmzrstcqa
MD5

d30b56d4919369b69192ca885f331ace
SHA1

ad2cce71bca9e9f7658fe1cc56362fc4ac0b4c44
SHA256

26dab8d144ef3f37a7ef800a819c924c98ea5052222d8c3438b490dc369fd763
SHA512

9ebcc796100b9c06ba72cb093721233ecdfcbb3f8e30e58fa3145bb62241d33ed15a9016d86c156802aec2c91b25ca4f9a6663e627035d372b535149439a938c
SSDEEP

12288:mgM0xX/tdDZxZi/WARQQfvZeBG72lD/y0CIhPUW2HwuMg4IZXfO34NENPRH8V97m:mgdNi/WhkRn72B/y0CsUwcBO3oEN5H+m

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  d30b56d4919369b69192ca885f331ace_JaffaCakes118
- Size
  
  681KB
- MD5
  
  d30b56d4919369b69192ca885f331ace
- SHA1
  
  ad2cce71bca9e9f7658fe1cc56362fc4ac0b4c44
- SHA256
  
  26dab8d144ef3f37a7ef800a819c924c98ea5052222d8c3438b490dc369fd763
- SHA512
  
  9ebcc796100b9c06ba72cb093721233ecdfcbb3f8e30e58fa3145bb62241d33ed15a9016d86c156802aec2c91b25ca4f9a6663e627035d372b535149439a938c
- SSDEEP
  
  12288:mgM0xX/tdDZxZi/WARQQfvZeBG72lD/y0CIhPUW2HwuMg4IZXfO34NENPRH8V97m:mgdNi/WhkRn72B/y0CsUwcBO3oEN5H+m
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan