9e2ed1cf0be6491c52e1dfffe1d51d7599c43acb4a7d97201b44c54a06ac2105 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efe74817e97e1bed4ab2461a5f66003d_JaffaCakes118
Size

884KB
Sample

240921-qtv9vsvejj
MD5

efe74817e97e1bed4ab2461a5f66003d
SHA1

4bdec3a4f82db162a376ca44ce1cb523bf131017
SHA256

9e2ed1cf0be6491c52e1dfffe1d51d7599c43acb4a7d97201b44c54a06ac2105
SHA512

0875dd18137c6cc5a855637f78e13bb841481a647d6eebd9bd4d46efe2c3cc7dfbe691207c6a1291382b725fd1e672b01b24598d4a164c30066bc84fbb8fdfae
SSDEEP

24576:5bxyYz9BwJrYWQfzaqoz+3HeNIji3rshsLjNO:5bbz8SdJoi3+Ei3Ah4O

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  efe74817e97e1bed4ab2461a5f66003d_JaffaCakes118
- Size
  
  884KB
- MD5
  
  efe74817e97e1bed4ab2461a5f66003d
- SHA1
  
  4bdec3a4f82db162a376ca44ce1cb523bf131017
- SHA256
  
  9e2ed1cf0be6491c52e1dfffe1d51d7599c43acb4a7d97201b44c54a06ac2105
- SHA512
  
  0875dd18137c6cc5a855637f78e13bb841481a647d6eebd9bd4d46efe2c3cc7dfbe691207c6a1291382b725fd1e672b01b24598d4a164c30066bc84fbb8fdfae
- SSDEEP
  
  24576:5bxyYz9BwJrYWQfzaqoz+3HeNIji3rshsLjNO:5bbz8SdJoi3+Ei3Ah4O
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2