General

  • Target

    535207798015b0c10a1296f1e8e3d218_JaffaCakes118

  • Size

    875KB

  • Sample

    241017-x6jvxs1hrg

  • MD5

    535207798015b0c10a1296f1e8e3d218

  • SHA1

    db2a950d1c9f762e1c32e9aa73a55f0d80e26f7c

  • SHA256

    57fcfed69767e4a3b97922ca249d70bba7dcf355920aada001a32aad48219458

  • SHA512

    752b2ca461fc311b1e91b7841dd00bc0d5e4a282c703c93dfc1b0f6710d77604a08b8c03646ff94ed086367ab383d0a7872dcdcaa5574610525ea8b8a6c9740e

  • SSDEEP

    24576:s6zeSURyZNx8LcTKMsAWqmYomhE56sAgkg:s6ze+ZL8LsKAWZd56s6g

Malware Config

Targets

    • Target

      535207798015b0c10a1296f1e8e3d218_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks