Overview

overview

10

Static

static

3

0322184426...18.exe

windows7-x64

10

0322184426...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03221844268b7a49e101658564a8c13e_JaffaCakes118

  • Size

    906KB

  • Sample

    240427-nd5r9ahd42

  • MD5

    03221844268b7a49e101658564a8c13e

  • SHA1

    c9094a715861398b20b13dc90b6c6e987a4aad0f

  • SHA256

    fadd906206f10891e4d5134ab004329707e0182108c68a52b1497d8ac7df2b89

  • SHA512

    d5741a147350d92cbf1d0797edd1b657bff2b891a17d4678b7dba12472840de71add509ebcba37d77d18a6554694470158515a36a8a86f72d70965b553af0f23

  • SSDEEP

    24576:I1bbD2ZxcqZcDhMSFLoCIVej3QGDzJSjnORUr3:IR2Zuq6hfFLoCD3dJXRUr3

Score
10/10
persistence

Malware Config

Targets

    • Target

      03221844268b7a49e101658564a8c13e_JaffaCakes118

    • Size

      906KB

    • MD5

      03221844268b7a49e101658564a8c13e

    • SHA1

      c9094a715861398b20b13dc90b6c6e987a4aad0f

    • SHA256

      fadd906206f10891e4d5134ab004329707e0182108c68a52b1497d8ac7df2b89

    • SHA512

      d5741a147350d92cbf1d0797edd1b657bff2b891a17d4678b7dba12472840de71add509ebcba37d77d18a6554694470158515a36a8a86f72d70965b553af0f23

    • SSDEEP

      24576:I1bbD2ZxcqZcDhMSFLoCIVej3QGDzJSjnORUr3:IR2Zuq6hfFLoCD3dJXRUr3

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks