d9110e6cee9693adacf497a91f8c2dd925ceb61c3981f8782173244a3b5d4c84 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cee37fa40efa4db1eab5b5169684d8e_JaffaCakes118
Size

82KB
Sample

241009-hwrqfssalq
MD5

2cee37fa40efa4db1eab5b5169684d8e
SHA1

38496f3fe613ba3cb4b4437cde3b2e9cd76e68b0
SHA256

d9110e6cee9693adacf497a91f8c2dd925ceb61c3981f8782173244a3b5d4c84
SHA512

0c4248338a3330aec1d5ee7c8fb92d71a9269e47c076afb4eecbeee010d34f6ef982a4e7b41d058c03c4a9fd720c2c5842fbfe17a8cf782bc234458716dc0985
SSDEEP

1536:n5neEhlcTW5sk1jtf2XvWINndIcN6JhLs5g7EPXOteSx0cw1yA02:5nj9jtfU+INndIc0JW5imCbLgyA02

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  2cee37fa40efa4db1eab5b5169684d8e_JaffaCakes118
- Size
  
  82KB
- MD5
  
  2cee37fa40efa4db1eab5b5169684d8e
- SHA1
  
  38496f3fe613ba3cb4b4437cde3b2e9cd76e68b0
- SHA256
  
  d9110e6cee9693adacf497a91f8c2dd925ceb61c3981f8782173244a3b5d4c84
- SHA512
  
  0c4248338a3330aec1d5ee7c8fb92d71a9269e47c076afb4eecbeee010d34f6ef982a4e7b41d058c03c4a9fd720c2c5842fbfe17a8cf782bc234458716dc0985
- SSDEEP
  
  1536:n5neEhlcTW5sk1jtf2XvWINndIcN6JhLs5g7EPXOteSx0cw1yA02:5nj9jtfU+INndIc0JW5imCbLgyA02
Score

7^/10

discovery evasion persistence trojan
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan