3b50601d2432b6ea2604e02f0f3aa161c53ecfcbb197b176538dfdfb98fb1f86 | Triage

Sharing

General

Target

152f87d80a57f0cd4df5efeb49b7e64b_JaffaCakes118
Size

867KB
Sample

241004-2m1fsazhjj
MD5

152f87d80a57f0cd4df5efeb49b7e64b
SHA1

222743bc001877ac15558c8688f68cdedb8517a2
SHA256

3b50601d2432b6ea2604e02f0f3aa161c53ecfcbb197b176538dfdfb98fb1f86
SHA512

fbbb1aabe2870c88f4f4e1fda596977901c22e1de838bbbefa6c7a7eddf814edbbc68bd49fe9e5ccc551ce61de085636bc60b01fa6556753f8b64b9ea2826388
SSDEEP

24576:+RQUF6OUyqnFNkNNq7kytmtvN3QZUCDYk:+R5IBqgkytutk

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  152f87d80a57f0cd4df5efeb49b7e64b_JaffaCakes118
- Size
  
  867KB
- MD5
  
  152f87d80a57f0cd4df5efeb49b7e64b
- SHA1
  
  222743bc001877ac15558c8688f68cdedb8517a2
- SHA256
  
  3b50601d2432b6ea2604e02f0f3aa161c53ecfcbb197b176538dfdfb98fb1f86
- SHA512
  
  fbbb1aabe2870c88f4f4e1fda596977901c22e1de838bbbefa6c7a7eddf814edbbc68bd49fe9e5ccc551ce61de085636bc60b01fa6556753f8b64b9ea2826388
- SSDEEP
  
  24576:+RQUF6OUyqnFNkNNq7kytmtvN3QZUCDYk:+R5IBqgkytutk
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2