General

  • Target

    fa45eb5246087c5c9ed8c2fa81887aa8_JaffaCakes118

  • Size

    811KB

  • Sample

    240927-myhyjsyfjk

  • MD5

    fa45eb5246087c5c9ed8c2fa81887aa8

  • SHA1

    ec0342de03ea44b1167d123b8d171feb655a291c

  • SHA256

    024291f864109078e8efe86d68ca1573b50cafb3bec18c716d08b19a7b6d98c3

  • SHA512

    ea07e17d3c24202681ea2edb94dd52df24d13fb062f29a478a5bdf266d99559371a9102b694891ae438e829712ece48afc69c7c2527b18dbdd760da0004cff46

  • SSDEEP

    24576:RPb2426rKcgbzGJsASn6f32RncSuhjYeXztr:RP6X6rKbXR6fpYMr

Malware Config

Targets

    • Target

      fa45eb5246087c5c9ed8c2fa81887aa8_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
