General

  • Target

    03c281d0c79898ba5e0c472c0093cb4d_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240427-2bl41shh38

  • MD5

    03c281d0c79898ba5e0c472c0093cb4d

  • SHA1

    e3313bf5c501460615885d1a51ea7bc7a5b14851

  • SHA256

    9f2238381a864db192fb8b902a11e8c1d7170b2ab03aae723952e03518dda34a

  • SHA512

    7e642e1541293ed0888d72ff7819590fa85106939c66ea4b048682b636e596baf1e858d722697d1f6ecb090bcf34ff25e88c8e4e8bca92f217a7d816aeefd903

  • SSDEEP

    24576:91bRfdYmRwmOcwLMIorvUhK9BoDyzPBP7qT4PQKL+0fCjovvbOjrdX3:9bfGmRwNcodor8h2yDgBP7ZlL+0QrdX3

Score
10/10

Targets

    • Target

      03c281d0c79898ba5e0c472c0093cb4d_JaffaCakes118

    Score
    10/10

    • Modifies WinLogon for persistence

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence

    Boot or Logon Autostart Execution (T1547): 1

      Winlogon Helper DLL (T1547.004): 1

  • Privilege Escalation

    Boot or Logon Autostart Execution (T1547): 1

      Winlogon Helper DLL (T1547.004): 1

  • Defense Evasion

    Modify Registry (T1112): 1