00a42195fac194b8749ab3145d86832ff70f8761d4ea5cb567ad0e6941569229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d376ffef3d166d51ac857ea1726ea4cc_JaffaCakes118
Size

1.2MB
Sample

240908-ebs61awdqe
MD5

d376ffef3d166d51ac857ea1726ea4cc
SHA1

e31b55ec26582153b76a1fe875ec3f01626fb776
SHA256

00a42195fac194b8749ab3145d86832ff70f8761d4ea5cb567ad0e6941569229
SHA512

7a8bab29c04fc528fd1993f931b8af4ce0d741438234dc159b65cd46a0d659428e92f3266470a59b2244175f8bcdc90f8a707a7954cac96aef16994a4f57e501
SSDEEP

24576:CwUHKSE0EOaGsLP3yXe2jcme1Rx5qTT+K35/:Cw9/0EOajMPcmMRnqH3x

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  d376ffef3d166d51ac857ea1726ea4cc_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  d376ffef3d166d51ac857ea1726ea4cc
- SHA1
  
  e31b55ec26582153b76a1fe875ec3f01626fb776
- SHA256
  
  00a42195fac194b8749ab3145d86832ff70f8761d4ea5cb567ad0e6941569229
- SHA512
  
  7a8bab29c04fc528fd1993f931b8af4ce0d741438234dc159b65cd46a0d659428e92f3266470a59b2244175f8bcdc90f8a707a7954cac96aef16994a4f57e501
- SSDEEP
  
  24576:CwUHKSE0EOaGsLP3yXe2jcme1Rx5qTT+K35/:Cw9/0EOajMPcmMRnqH3x
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan