General

  • Target

    3021abad390bfc5f706044ed07c21588_JaffaCakes118

  • Size

    798KB

  • Sample

    241010-qwed5axhnb

  • MD5

    3021abad390bfc5f706044ed07c21588

  • SHA1

    5dff993a357c9a9301867fa33e1dfd709e68483f

  • SHA256

    9d9ca0c31e40e874e3829b26ad3299e3df2846f701dbdec7679d4f8c575ce4ca

  • SHA512

    dada6cbbb5de7fbb064877c371c9c58962ae0f512b1f5cd31c6c828295cf995494b68136d03e9a54810aa96630e82bda5b3c64c41cf2e499e8ea75f50fd92d91

  • SSDEEP

    24576:YzQjqu5CS9Sb+LqmntXP7gW9ZmXKjjs9x7MgtS:YzQQASb+LnxP0q0CsqYS

Malware Config

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks