5de42a8a4fc6dfddea4afac4cad7eaf9e2bc9dc103a5ba941d0480959f46dbad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd3a62293d1f89edc676b0a5cb300e47_JaffaCakes118
Size

981KB
Sample

240928-1xnz3a1clg
MD5

fd3a62293d1f89edc676b0a5cb300e47
SHA1

e0adf29d1b2a353261d32ae371058bc7ce27d087
SHA256

5de42a8a4fc6dfddea4afac4cad7eaf9e2bc9dc103a5ba941d0480959f46dbad
SHA512

7071f0299875025cab57c75c24d54a5c304d6b913e175149d2bb74acdd1186a5fd6137e2de212e587de7c774f3f00d03c728f07be05af0e1aecb4e8a4e63cae3
SSDEEP

24576:YYmGvGyLuCQW7oea85Ehq0MGf7FU5g0/4RZABWohYpWlV7:YYmGeyLuCQW7pByhRb5vVmWohYpu

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  fd3a62293d1f89edc676b0a5cb300e47_JaffaCakes118
- Size
  
  981KB
- MD5
  
  fd3a62293d1f89edc676b0a5cb300e47
- SHA1
  
  e0adf29d1b2a353261d32ae371058bc7ce27d087
- SHA256
  
  5de42a8a4fc6dfddea4afac4cad7eaf9e2bc9dc103a5ba941d0480959f46dbad
- SHA512
  
  7071f0299875025cab57c75c24d54a5c304d6b913e175149d2bb74acdd1186a5fd6137e2de212e587de7c774f3f00d03c728f07be05af0e1aecb4e8a4e63cae3
- SSDEEP
  
  24576:YYmGvGyLuCQW7oea85Ehq0MGf7FU5g0/4RZABWohYpWlV7:YYmGeyLuCQW7pByhRb5vVmWohYpu
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan