3ffc5fd024892e2d2e960483ddb77ead58e4836814d41839ff695bc207870740 | Triage

Sharing

General

Target

2f0bb38f6e47d63f11dc096da03f7a74_JaffaCakes118
Size

885KB
Sample

241009-lxlgls1dmg
MD5

2f0bb38f6e47d63f11dc096da03f7a74
SHA1

22b5ea1041e6fbc1057345ede0a7d374b3162cdc
SHA256

3ffc5fd024892e2d2e960483ddb77ead58e4836814d41839ff695bc207870740
SHA512

8234264f55a5976581dade6c17c7f47316ca9a1558923f603e0bfa4e00a4c23097739d3da6e99276d26aba9fc7daec0e03ff643eae1d5d4bc9a04decce9838ef
SSDEEP

24576:KgcIt2IFZL3cvtEsCptuOmwaLJXKG+xS3kkU24klRd6M3/JA:KgcItXlMvtEsO8JRK6J02JA

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  2f0bb38f6e47d63f11dc096da03f7a74_JaffaCakes118
- Size
  
  885KB
- MD5
  
  2f0bb38f6e47d63f11dc096da03f7a74
- SHA1
  
  22b5ea1041e6fbc1057345ede0a7d374b3162cdc
- SHA256
  
  3ffc5fd024892e2d2e960483ddb77ead58e4836814d41839ff695bc207870740
- SHA512
  
  8234264f55a5976581dade6c17c7f47316ca9a1558923f603e0bfa4e00a4c23097739d3da6e99276d26aba9fc7daec0e03ff643eae1d5d4bc9a04decce9838ef
- SSDEEP
  
  24576:KgcIt2IFZL3cvtEsCptuOmwaLJXKG+xS3kkU24klRd6M3/JA:KgcItXlMvtEsO8JRK6J02JA
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2