27ac1ed12cc08c0295db792325638dcc16d2d35d9d6779d5117085557585e915 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2710c1103cd949b4aa59d9a60b90cec_JaffaCakes118
Size

1.2MB
Sample

240907-vr3ndaxbme
MD5

d2710c1103cd949b4aa59d9a60b90cec
SHA1

48ee2e0eefd8ba1d9d92c1352b228843fa0619f2
SHA256

27ac1ed12cc08c0295db792325638dcc16d2d35d9d6779d5117085557585e915
SHA512

4ea63a8f71d2eb9fab703a75f6eed0a248fd7d24b08efb60a5604055ad42ad66bfc4f90a8d7db7f98a4cb98dd3dcab54974f8e44ef26c24a022f93af93c9b5c8
SSDEEP

24576:72isZZzcY5ooHh0JUD2F7rZVxJlLdiANCup8CcmQT:SPzcd6h0JUD2F7rZBlLwANCdZ

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  d2710c1103cd949b4aa59d9a60b90cec_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  d2710c1103cd949b4aa59d9a60b90cec
- SHA1
  
  48ee2e0eefd8ba1d9d92c1352b228843fa0619f2
- SHA256
  
  27ac1ed12cc08c0295db792325638dcc16d2d35d9d6779d5117085557585e915
- SHA512
  
  4ea63a8f71d2eb9fab703a75f6eed0a248fd7d24b08efb60a5604055ad42ad66bfc4f90a8d7db7f98a4cb98dd3dcab54974f8e44ef26c24a022f93af93c9b5c8
- SSDEEP
  
  24576:72isZZzcY5ooHh0JUD2F7rZVxJlLdiANCup8CcmQT:SPzcd6h0JUD2F7rZBlLwANCdZ
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan