a424ecaea26cb2393afaafe05ca451ed818806de04fcd398ea99037a5de85bcd | Triage

Sharing

General

Target

f4e56e9d5dc66cc15930abbdca5c8c8b_JaffaCakes118
Size

795KB
Sample

240925-b4khsaxdmn
MD5

f4e56e9d5dc66cc15930abbdca5c8c8b
SHA1

aa00952206545af5bd8d0890bf0c7802c08c830a
SHA256

a424ecaea26cb2393afaafe05ca451ed818806de04fcd398ea99037a5de85bcd
SHA512

8f6c245daae860262d2326c37b8ff524faecf8330bcd784fc55e9af06be5151504dfb52510e3e71054acc008b819f9107a0f124609a74726c77bbefeacb66530
SSDEEP

24576:9Mw6ce/U26Cb5KaXKseD0nye08WIcshV/8+v:BI/U26CNZX9ektDhK+v

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f4e56e9d5dc66cc15930abbdca5c8c8b_JaffaCakes118
- Size
  
  795KB
- MD5
  
  f4e56e9d5dc66cc15930abbdca5c8c8b
- SHA1
  
  aa00952206545af5bd8d0890bf0c7802c08c830a
- SHA256
  
  a424ecaea26cb2393afaafe05ca451ed818806de04fcd398ea99037a5de85bcd
- SHA512
  
  8f6c245daae860262d2326c37b8ff524faecf8330bcd784fc55e9af06be5151504dfb52510e3e71054acc008b819f9107a0f124609a74726c77bbefeacb66530
- SSDEEP
  
  24576:9Mw6ce/U26Cb5KaXKseD0nye08WIcshV/8+v:BI/U26CNZX9ektDhK+v
Score

8^/10

discovery evasion persistence trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan