b478740a05a9a7fc5d9598f06acfd9a28dc8dbe8f1fa6419193cb2956672de26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

027d3346f04c8dd4a99546aa1eeb15ae_JaffaCakes118
Size

278KB
Sample

240620-d8rtrswhrd
MD5

027d3346f04c8dd4a99546aa1eeb15ae
SHA1

587ee258e8cb0ca6acf2c155e72e939dae989b38
SHA256

b478740a05a9a7fc5d9598f06acfd9a28dc8dbe8f1fa6419193cb2956672de26
SHA512

7c6b259c9d81c4c7df9ec7939b15e4045dfa0c86632b6814aaf5895dd40ba33059d8d6dcc36c87e884d73a17cb81c00d27ee5403e7792dc7a102beb81f60535e
SSDEEP

6144:IsNh3FiYgojSy1y454e4590y+GfqkP+dEkFj:IsNhViYgXP45Q59UVF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  027d3346f04c8dd4a99546aa1eeb15ae_JaffaCakes118
- Size
  
  278KB
- MD5
  
  027d3346f04c8dd4a99546aa1eeb15ae
- SHA1
  
  587ee258e8cb0ca6acf2c155e72e939dae989b38
- SHA256
  
  b478740a05a9a7fc5d9598f06acfd9a28dc8dbe8f1fa6419193cb2956672de26
- SHA512
  
  7c6b259c9d81c4c7df9ec7939b15e4045dfa0c86632b6814aaf5895dd40ba33059d8d6dcc36c87e884d73a17cb81c00d27ee5403e7792dc7a102beb81f60535e
- SSDEEP
  
  6144:IsNh3FiYgojSy1y454e4590y+GfqkP+dEkFj:IsNhViYgXP45Q59UVF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2