86000a7d939d35e2f40d3aacf836f6f61d91d39cee387daa6e64708df5798942 | Triage

Sharing

General

Target

eadea608cbaed477181baeabcf640cb9_JaffaCakes118
Size

861KB
Sample

240919-jh1lwaxhnl
MD5

eadea608cbaed477181baeabcf640cb9
SHA1

691757e2628cf89d86484a778a30590601dea432
SHA256

86000a7d939d35e2f40d3aacf836f6f61d91d39cee387daa6e64708df5798942
SHA512

301e8741f3b70b361954b99123b92c94a087c21bcaee94551963711fb0a42048cdef8e04bdf23c4b35a4c8411df85e53416278221813f2d0dd733067dcb3d8f7
SSDEEP

12288:ogPGSG6pO0Kz/lOINhqnMgxqLBS9U8/7KGWpuqJJm0i7mdGTXfzu29mZllqKE:og+SGd7NMxxjy8uVvJJtdGTXriZzqKE

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  eadea608cbaed477181baeabcf640cb9_JaffaCakes118
- Size
  
  861KB
- MD5
  
  eadea608cbaed477181baeabcf640cb9
- SHA1
  
  691757e2628cf89d86484a778a30590601dea432
- SHA256
  
  86000a7d939d35e2f40d3aacf836f6f61d91d39cee387daa6e64708df5798942
- SHA512
  
  301e8741f3b70b361954b99123b92c94a087c21bcaee94551963711fb0a42048cdef8e04bdf23c4b35a4c8411df85e53416278221813f2d0dd733067dcb3d8f7
- SSDEEP
  
  12288:ogPGSG6pO0Kz/lOINhqnMgxqLBS9U8/7KGWpuqJJm0i7mdGTXfzu29mZllqKE:og+SGd7NMxxjy8uVvJJtdGTXriZzqKE
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2