492b7b76f3622334e3e4dfe2ddaa50364a568f331a1667164b9fe325a123b723 | Triage

Sharing

General

Target

eaca782d8da4025edd29d4f045fe6915_JaffaCakes118
Size

923KB
Sample

240919-hleyxawdkm
MD5

eaca782d8da4025edd29d4f045fe6915
SHA1

6c946609cd0784315b259bf6fe38212ec1786cc1
SHA256

492b7b76f3622334e3e4dfe2ddaa50364a568f331a1667164b9fe325a123b723
SHA512

eb73bca09b46e8884f292bd00b31ad0fe199dc968c17ec5e0a3a0b573e03636770812f28eea3e1aebf7e407a713dbcdb41f25641b8e4530a19ea807df9ddbe81
SSDEEP

12288:Nk7TTfY2hLmjLAu24HOX+3Sa7JbqVKOP8tVBCbHkOS09tzcTY93r0rtK0Yd051nc:djLAu7OsdG8tzCjW07zoNrwfSnJHSmy1

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  eaca782d8da4025edd29d4f045fe6915_JaffaCakes118
- Size
  
  923KB
- MD5
  
  eaca782d8da4025edd29d4f045fe6915
- SHA1
  
  6c946609cd0784315b259bf6fe38212ec1786cc1
- SHA256
  
  492b7b76f3622334e3e4dfe2ddaa50364a568f331a1667164b9fe325a123b723
- SHA512
  
  eb73bca09b46e8884f292bd00b31ad0fe199dc968c17ec5e0a3a0b573e03636770812f28eea3e1aebf7e407a713dbcdb41f25641b8e4530a19ea807df9ddbe81
- SSDEEP
  
  12288:Nk7TTfY2hLmjLAu24HOX+3Sa7JbqVKOP8tVBCbHkOS09tzcTY93r0rtK0Yd051nc:djLAu7OsdG8tzCjW07zoNrwfSnJHSmy1
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan