7d3b3618f7d8eef9f4e9f6614f7be9f016f95d6f19cd074a8fa03f5cf2f4a151 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

101bacd7c5aac7e0bcd61f2d9d5ce5ff_JaffaCakes118
Size

270KB
Sample

240626-axmh5awdnj
MD5

101bacd7c5aac7e0bcd61f2d9d5ce5ff
SHA1

9414481ac80701c213e7ae130c56c43af0d8bb12
SHA256

7d3b3618f7d8eef9f4e9f6614f7be9f016f95d6f19cd074a8fa03f5cf2f4a151
SHA512

f961428719fd507e73b802d9617fd2f71e7cd371ca8e65c5887bee95335146bc87ae8ced2e2e7b5636c07dd293c418025f9ddb3835a0b7bf990db571b46c6c39
SSDEEP

6144:LG0w4rrdhvh9Bc/byJT5E17pn2Hhru9dLP/sBPA/g:Lw4vRl07V+y9WhA/g

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  101bacd7c5aac7e0bcd61f2d9d5ce5ff_JaffaCakes118
- Size
  
  270KB
- MD5
  
  101bacd7c5aac7e0bcd61f2d9d5ce5ff
- SHA1
  
  9414481ac80701c213e7ae130c56c43af0d8bb12
- SHA256
  
  7d3b3618f7d8eef9f4e9f6614f7be9f016f95d6f19cd074a8fa03f5cf2f4a151
- SHA512
  
  f961428719fd507e73b802d9617fd2f71e7cd371ca8e65c5887bee95335146bc87ae8ced2e2e7b5636c07dd293c418025f9ddb3835a0b7bf990db571b46c6c39
- SSDEEP
  
  6144:LG0w4rrdhvh9Bc/byJT5E17pn2Hhru9dLP/sBPA/g:Lw4vRl07V+y9WhA/g
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2