General
-
Target
6559fd03b863e412fca9c2e9e89ba59a_JaffaCakes118
-
Size
32KB
-
Sample
240522-avlh2seh9t
-
MD5
6559fd03b863e412fca9c2e9e89ba59a
-
SHA1
7892eb3c8569b788c46666d330d406f982e4fd1b
-
SHA256
d4305e316f514f695057e32626778d9304fb2e3d7dff73ac40b6020ad60eb7f4
-
SHA512
23bcc0778632ab3934d72651495fc7def79dbb9165e447155823808c5f56ff7d60ad151ab0610f4a72c293b2ee16d22e7ef26cddcacf5b4d887fc70b8021ab6a
-
SSDEEP
768:Mnxo+obLMZ8yrsR2gig+MzlllytIWsIPXTftFSnVYn:+DobLMmyg0gAdD77J
Static task
static1
Behavioral task
behavioral1
Sample
St raphael juillet 2010.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
St raphael juillet 2010.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
St raphael juillet 2010.exe
-
Size
41KB
-
MD5
b788561e93731bacedc64d92650a4d6b
-
SHA1
22566f4de9d1f789314c0e67fcdc4f2d4778308d
-
SHA256
7518537fdfbe929c077ec21570f0243ae957714238e2e3857d8fbcc7bf81d4af
-
SHA512
6d8d342eb1382be57a1ca838d6fa987b32a3ed1f255f94dd0a9db231c0713c15398acbed988e2a4e3550a08988e4305bdc90506ee8a93b63086e5397ae395267
-
SSDEEP
768:FOT/0+bspijWBN+drsP1sqqzNFKI2FT8SPI5siIPFv2jPVdov35BMCS:60+2iji2stsq23KFzP8oPFOjtdm5O
Score 10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables cmd.exe use via registry modification
-
Drops file in Drivers directory
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution 2
Registry Run Keys / Startup Folder 1
Winlogon Helper DLL 1
Privilege Escalation
Boot or Logon Autostart Execution 2
Registry Run Keys / Startup Folder 1
Winlogon Helper DLL 1