76ac63ddf411b3eb94dbca7b369a3cfa790bd91e4e68f23a421284fa6e303573 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9d2e3673e5fc18c1d4f1e25b932c4c2_JaffaCakes118
Size

835KB
Sample

240927-gebr8sxfnl
MD5

f9d2e3673e5fc18c1d4f1e25b932c4c2
SHA1

e45f5b652b76dc841f6ae43be7d8664a38d69afe
SHA256

76ac63ddf411b3eb94dbca7b369a3cfa790bd91e4e68f23a421284fa6e303573
SHA512

855c34ca828b6cabb5cf08b2a55c40704af0406b088533093c1f038b4157a656fe941e51d286634d6647ac947d3eff791366a0d783e2599062d92d7dbf804897
SSDEEP

24576:Zj6P5YJqvk9I5HhHtKjdpeJkzzjOhllYErg:uyJ26otIUhDg

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  f9d2e3673e5fc18c1d4f1e25b932c4c2_JaffaCakes118
- Size
  
  835KB
- MD5
  
  f9d2e3673e5fc18c1d4f1e25b932c4c2
- SHA1
  
  e45f5b652b76dc841f6ae43be7d8664a38d69afe
- SHA256
  
  76ac63ddf411b3eb94dbca7b369a3cfa790bd91e4e68f23a421284fa6e303573
- SHA512
  
  855c34ca828b6cabb5cf08b2a55c40704af0406b088533093c1f038b4157a656fe941e51d286634d6647ac947d3eff791366a0d783e2599062d92d7dbf804897
- SSDEEP
  
  24576:Zj6P5YJqvk9I5HhHtKjdpeJkzzjOhllYErg:uyJ26otIUhDg
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan