Overview

overview

10

Static

static

3

03c8634d24...18.exe

windows7-x64

10

03c8634d24...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03c8634d24f2dd97578b9df2dadcf3ea_JaffaCakes118

  • Size

    848KB

  • Sample

    240427-2jjzmaad7x

  • MD5

    03c8634d24f2dd97578b9df2dadcf3ea

  • SHA1

    829781c9167b0fff532cdbe822fc065bf4bf5825

  • SHA256

    2b8ff82de61c556efd75ffbe82f436022d2abc62b6b35e5bc078a937d025b50c

  • SHA512

    874d7fd99f7228d40727f5c49e8c3f3c7018f21fb93cbdc33ff890a5125138e67c5a9c163cca47143fa06a3e3b5e40c8bab282c427df84f91f8a797921521ac5

  • SSDEEP

    24576:J1bcny3Md9nUja2NzRWjoPnYmiYTv+SLBpO:J13Md6NMj+6te6

Score
10/10
persistence

Malware Config

Targets

    • Target

      03c8634d24f2dd97578b9df2dadcf3ea_JaffaCakes118

    • Size

      848KB

    • MD5

      03c8634d24f2dd97578b9df2dadcf3ea

    • SHA1

      829781c9167b0fff532cdbe822fc065bf4bf5825

    • SHA256

      2b8ff82de61c556efd75ffbe82f436022d2abc62b6b35e5bc078a937d025b50c

    • SHA512

      874d7fd99f7228d40727f5c49e8c3f3c7018f21fb93cbdc33ff890a5125138e67c5a9c163cca47143fa06a3e3b5e40c8bab282c427df84f91f8a797921521ac5

    • SSDEEP

      24576:J1bcny3Md9nUja2NzRWjoPnYmiYTv+SLBpO:J13Md6NMj+6te6

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks