0d7f7d3a6f3626cce1b260010cc0f5a9a8f24eb9b41f4bf7af0768713f592790 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0cfd71752ff023abf0fdba3c474007b_JaffaCakes118
Size

1.2MB
Sample

240921-3artjszdjc
MD5

f0cfd71752ff023abf0fdba3c474007b
SHA1

699bcf041e7f2a5dce553b2ce198a225b41b99a4
SHA256

0d7f7d3a6f3626cce1b260010cc0f5a9a8f24eb9b41f4bf7af0768713f592790
SHA512

117ffd76c35d75ef15eab87acf33fcb11fdc534408b23ec421a46d0b0104686063eb07abdd12aa70da240b9cf28e261a4d6249a48d155afaa8d9a064871989e1
SSDEEP

12288:MQVgRuk236YfvWBw2KW+Q8bPFwkVC5kq7Oxiql2gk0NQSW+9psB5e2F5eX/rXJVV:SUHKSkwDQ82kM597OxBLU5Z0XOK

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  f0cfd71752ff023abf0fdba3c474007b_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  f0cfd71752ff023abf0fdba3c474007b
- SHA1
  
  699bcf041e7f2a5dce553b2ce198a225b41b99a4
- SHA256
  
  0d7f7d3a6f3626cce1b260010cc0f5a9a8f24eb9b41f4bf7af0768713f592790
- SHA512
  
  117ffd76c35d75ef15eab87acf33fcb11fdc534408b23ec421a46d0b0104686063eb07abdd12aa70da240b9cf28e261a4d6249a48d155afaa8d9a064871989e1
- SSDEEP
  
  12288:MQVgRuk236YfvWBw2KW+Q8bPFwkVC5kq7Oxiql2gk0NQSW+9psB5e2F5eX/rXJVV:SUHKSkwDQ82kM597OxBLU5Z0XOK
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan