06a1767203103b54325b48d3619107317e7799cc2c7bdafb504b1352b850f8dc | Triage

Sharing

General

Target

15b091eaff40aa6f1476cf0b00d4cb7a_JaffaCakes118
Size

271KB
Sample

240627-mq4v2szbqp
MD5

15b091eaff40aa6f1476cf0b00d4cb7a
SHA1

f8d59838ab34c6d67e006c945111888a3ca2f7e0
SHA256

06a1767203103b54325b48d3619107317e7799cc2c7bdafb504b1352b850f8dc
SHA512

f5926ffc63995d80bef10fd4d7625b2f70c58791c59f68c266d253037f1fcaf9d0353885286a64ea0501c4dcdb9fa3938c1d009b20a469d9976c733954eccd0b
SSDEEP

6144:+TC+lme8mX3yogwtYMJn3Vf9SCpHpXo/dXdfoaj:+R8mXXgM13VfXpJUDj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  15b091eaff40aa6f1476cf0b00d4cb7a_JaffaCakes118
- Size
  
  271KB
- MD5
  
  15b091eaff40aa6f1476cf0b00d4cb7a
- SHA1
  
  f8d59838ab34c6d67e006c945111888a3ca2f7e0
- SHA256
  
  06a1767203103b54325b48d3619107317e7799cc2c7bdafb504b1352b850f8dc
- SHA512
  
  f5926ffc63995d80bef10fd4d7625b2f70c58791c59f68c266d253037f1fcaf9d0353885286a64ea0501c4dcdb9fa3938c1d009b20a469d9976c733954eccd0b
- SSDEEP
  
  6144:+TC+lme8mX3yogwtYMJn3Vf9SCpHpXo/dXdfoaj:+R8mXXgM13VfXpJUDj
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2