General

  • Target

    d58a236829e53f3272288d7a61c6892e_JaffaCakes118

  • Size

    871KB

  • Sample

    240909-dbyaaaxhmn

  • MD5

    d58a236829e53f3272288d7a61c6892e

  • SHA1

    34865d4820d1cbf3c4b5d51916da6dda09d320a3

  • SHA256

    240335369c52a2aa079e828f1a5f7b590603d60de06663cf6903fafce8d0de2b

  • SHA512

    baa8ffba4324912f7d6a49d530109b3d5d931bbdb43f33a4c727578e49b02cb802723c7df2d4899df2a64a7c387d89facfd459adc51b29fbf21344ebaa882070

  • SSDEEP

    24576:jXMpQtomTiRqqT9597n6SBaUl4Y9zjYN5:jXMpQtbTmqi7n6G/lJW5

Targets

    • Target

      d58a236829e53f3272288d7a61c6892e_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
