3873779efe5c6e3c78e407e503f659acfa00be309cf00e3a60d79c72f9036ad6 | Triage

Sharing

General

Target

f3082350525da39f315e0bf3cc60fa7d_JaffaCakes118
Size

1.2MB
Sample

240416-jqcj1scg79
MD5

f3082350525da39f315e0bf3cc60fa7d
SHA1

01c90c940f86df0cc7704c206229f1162aabe64c
SHA256

3873779efe5c6e3c78e407e503f659acfa00be309cf00e3a60d79c72f9036ad6
SHA512

e1b59440d567707c3999fadcddec290717d2d4798a1dfe2b6bfcda83a90cbc6db8a03de7e94090751080463ea2cd588c2645c25c69afcb2f63eae3594baa6c9b
SSDEEP

24576:HdQlCPC8is3ZuA4BkSfaf6mfJ+VoOxsThKWJoGKcspMbB/hi:9QEfZul3fCfIVoOxqJVdAMblhi

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f3082350525da39f315e0bf3cc60fa7d_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  f3082350525da39f315e0bf3cc60fa7d
- SHA1
  
  01c90c940f86df0cc7704c206229f1162aabe64c
- SHA256
  
  3873779efe5c6e3c78e407e503f659acfa00be309cf00e3a60d79c72f9036ad6
- SHA512
  
  e1b59440d567707c3999fadcddec290717d2d4798a1dfe2b6bfcda83a90cbc6db8a03de7e94090751080463ea2cd588c2645c25c69afcb2f63eae3594baa6c9b
- SSDEEP
  
  24576:HdQlCPC8is3ZuA4BkSfaf6mfJ+VoOxsThKWJoGKcspMbB/hi:9QEfZul3fCfIVoOxqJVdAMblhi
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2