Overview

overview

10

Static

static

3

01ffac5b43...18.exe

windows7-x64

10

01ffac5b43...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01ffac5b43b1c4021b47dd0a107cb3ed_JaffaCakes118

  • Size

    300KB

  • Sample

    240427-arablsga6y

  • MD5

    01ffac5b43b1c4021b47dd0a107cb3ed

  • SHA1

    ad3cc258abd6fa9ca44462de1a41188f4ed71b25

  • SHA256

    f53cea0d97ee122810ce112ca52041de095144890eee5ce66f5b6a92c8107460

  • SHA512

    d264d2bf7cbe571faeb6372f0ddfd0855c82a33a04a61e4bf376dd4948ab4009a5db254f835ca54172331f5812bd235dbf4fdcf65ad316d86ebbe771d56e4cf2

  • SSDEEP

    6144:X731bdBaBKD0mA3X6Lc34SUgippkD6WhfxzUEalDD/7FjaO:b1bL073XX3mrLA9xzUEsjFp

Score
10/10
persistence

Malware Config

Targets

    • Target

      01ffac5b43b1c4021b47dd0a107cb3ed_JaffaCakes118

    • Size

      300KB

    • MD5

      01ffac5b43b1c4021b47dd0a107cb3ed

    • SHA1

      ad3cc258abd6fa9ca44462de1a41188f4ed71b25

    • SHA256

      f53cea0d97ee122810ce112ca52041de095144890eee5ce66f5b6a92c8107460

    • SHA512

      d264d2bf7cbe571faeb6372f0ddfd0855c82a33a04a61e4bf376dd4948ab4009a5db254f835ca54172331f5812bd235dbf4fdcf65ad316d86ebbe771d56e4cf2

    • SSDEEP

      6144:X731bdBaBKD0mA3X6Lc34SUgippkD6WhfxzUEalDD/7FjaO:b1bL073XX3mrLA9xzUEsjFp

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks