386f8485fce6bd1f830d9140d3f5bb511602329a7a7dbdc84c4b94e16d230c84 | Triage

Sharing

General

Target

e76b27d839080f09789186de45769ef2_JaffaCakes118
Size

142KB
Sample

240408-n7sd1sbh9t
MD5

e76b27d839080f09789186de45769ef2
SHA1

8a12174e7ddaf0a2915373f8305bb73b7c4fd8ee
SHA256

386f8485fce6bd1f830d9140d3f5bb511602329a7a7dbdc84c4b94e16d230c84
SHA512

9a347aebb726244fbd7a4a2614e431dace3b58fca7cb0f985cd8a8248f7387fd0e1083609f93e9879bc4a6fa263d5aefdf4e37d3723363d8a086ae3efed7706c
SSDEEP

3072:VidQMhEpc9B7zqW9MsmUg5X3+R2BeaiEygGd4G4aDg+:MqMhR78UsFBGNM

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  e76b27d839080f09789186de45769ef2_JaffaCakes118
- Size
  
  142KB
- MD5
  
  e76b27d839080f09789186de45769ef2
- SHA1
  
  8a12174e7ddaf0a2915373f8305bb73b7c4fd8ee
- SHA256
  
  386f8485fce6bd1f830d9140d3f5bb511602329a7a7dbdc84c4b94e16d230c84
- SHA512
  
  9a347aebb726244fbd7a4a2614e431dace3b58fca7cb0f985cd8a8248f7387fd0e1083609f93e9879bc4a6fa263d5aefdf4e37d3723363d8a086ae3efed7706c
- SSDEEP
  
  3072:VidQMhEpc9B7zqW9MsmUg5X3+R2BeaiEygGd4G4aDg+:MqMhR78UsFBGNM
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2