Overview

overview

10

Static

static

3

faa05ed927...18.exe

windows7-x64

10

faa05ed927...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    faa05ed9270e1e5647e1d3c8d3582c1c_JaffaCakes118

  • Size

    173KB

  • Sample

    240419-s5k95sgb35

  • MD5

    faa05ed9270e1e5647e1d3c8d3582c1c

  • SHA1

    da587b34f75d9707e939e6df96e3f1f3a8a062b5

  • SHA256

    9f62bada42bac8131aa0a95ae24375aae027c55ee84c93c5a98513eb8f9f46ed

  • SHA512

    bb6b869fb27214f3b9582f2097908b7c349354d58ce83f1b9a351f939973e79c3cbeef93d79e31461b82134d7f3770166bed28389466c7b0786f8c4ac029946a

  • SSDEEP

    3072:bb43e6tyXkviZ9XWL4OB2HvIOS9AZli+PM5aM1cCwQk6qPs1LzrajYip+9L:bb43e6tyXVW8Hw5cl9PWZVk6qy+jYw+

Score
10/10
persistence

Malware Config

Targets

    • Target

      faa05ed9270e1e5647e1d3c8d3582c1c_JaffaCakes118

    • Size

      173KB

    • MD5

      faa05ed9270e1e5647e1d3c8d3582c1c

    • SHA1

      da587b34f75d9707e939e6df96e3f1f3a8a062b5

    • SHA256

      9f62bada42bac8131aa0a95ae24375aae027c55ee84c93c5a98513eb8f9f46ed

    • SHA512

      bb6b869fb27214f3b9582f2097908b7c349354d58ce83f1b9a351f939973e79c3cbeef93d79e31461b82134d7f3770166bed28389466c7b0786f8c4ac029946a

    • SSDEEP

      3072:bb43e6tyXkviZ9XWL4OB2HvIOS9AZli+PM5aM1cCwQk6qPs1LzrajYip+9L:bb43e6tyXVW8Hw5cl9PWZVk6qy+jYw+

    Score
    10/10
    persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks