Overview

overview

10

Static

static

3

03c0158479...18.exe

windows7-x64

10

03c0158479...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03c0158479dc2353ce33cd0b1ae14ce4_JaffaCakes118

  • Size

    799KB

  • Sample

    240427-17n3tahg39

  • MD5

    03c0158479dc2353ce33cd0b1ae14ce4

  • SHA1

    89702438246caa63aefdfd7b589c25bfe6e893c0

  • SHA256

    546b8ec7e53888efcb62641c0c314d43e263b4180e4ad539bd36bc3e7657c1bb

  • SHA512

    11ef2e0dec41fb698a169bacb844d8efbd8477301a6c71576b493cd1c1bd865e75137b76088e4523c85173701dba29210cd0493b3d6f3c240b4ed8518a5e377d

  • SSDEEP

    24576:91bNWDNJ52BazRnbQSx4p+0/vzm0mTOwlqn7+LhS:9jW/5DxG3zOO57IS

Score
10/10
persistence

Malware Config

Targets

    • Target

      03c0158479dc2353ce33cd0b1ae14ce4_JaffaCakes118

    • Size

      799KB

    • MD5

      03c0158479dc2353ce33cd0b1ae14ce4

    • SHA1

      89702438246caa63aefdfd7b589c25bfe6e893c0

    • SHA256

      546b8ec7e53888efcb62641c0c314d43e263b4180e4ad539bd36bc3e7657c1bb

    • SHA512

      11ef2e0dec41fb698a169bacb844d8efbd8477301a6c71576b493cd1c1bd865e75137b76088e4523c85173701dba29210cd0493b3d6f3c240b4ed8518a5e377d

    • SSDEEP

      24576:91bNWDNJ52BazRnbQSx4p+0/vzm0mTOwlqn7+LhS:9jW/5DxG3zOO57IS

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks