537bec7a7645b4ecae026cb6abb54394823af139d8584bf32dcdc538489b0527 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7968002d1e86b55ec72105aa8340168d_JaffaCakes118
Size

355KB
Sample

240527-rr6hgsfe4s
MD5

7968002d1e86b55ec72105aa8340168d
SHA1

cd7ecb6fbb259ccc388e72fc5bb0e0d748b3e1fb
SHA256

537bec7a7645b4ecae026cb6abb54394823af139d8584bf32dcdc538489b0527
SHA512

6c7d2d95a87a942ca2a451d3549ab661ae9abe4786bfe4158210a29304af2e3df26eeeb35778560a7226fd1248a3fe0e4fb89f16808dba1dd156d1a8d2ea30ba
SSDEEP

6144:93EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:SmWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7968002d1e86b55ec72105aa8340168d_JaffaCakes118
- Size
  
  355KB
- MD5
  
  7968002d1e86b55ec72105aa8340168d
- SHA1
  
  cd7ecb6fbb259ccc388e72fc5bb0e0d748b3e1fb
- SHA256
  
  537bec7a7645b4ecae026cb6abb54394823af139d8584bf32dcdc538489b0527
- SHA512
  
  6c7d2d95a87a942ca2a451d3549ab661ae9abe4786bfe4158210a29304af2e3df26eeeb35778560a7226fd1248a3fe0e4fb89f16808dba1dd156d1a8d2ea30ba
- SSDEEP
  
  6144:93EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:SmWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2