e04f9f31f7d74600febcbcad5303c97081f4c82e3ca6f2711237ef14131b1e34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

177afddeb1517982c7cb42759ad746c3_JaffaCakes118
Size

259KB
Sample

240627-znq8dszfmb
MD5

177afddeb1517982c7cb42759ad746c3
SHA1

e385770b1fbd2438c3094f56bc17daf950ee9c1f
SHA256

e04f9f31f7d74600febcbcad5303c97081f4c82e3ca6f2711237ef14131b1e34
SHA512

af2277b9dee6368c359d33d5627e831e30ee783e05fc2440d9a5dff7cb061d665d9549f6a993675c110a105a77f792e33d72a7431ce78b601c971c08eff4dbdc
SSDEEP

6144:tSAqWATnZSdjM6SoqizS0vzyCpMJE1d5L+H328r5h:thUMdjRLLztpMJAz+X225h

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  177afddeb1517982c7cb42759ad746c3_JaffaCakes118
- Size
  
  259KB
- MD5
  
  177afddeb1517982c7cb42759ad746c3
- SHA1
  
  e385770b1fbd2438c3094f56bc17daf950ee9c1f
- SHA256
  
  e04f9f31f7d74600febcbcad5303c97081f4c82e3ca6f2711237ef14131b1e34
- SHA512
  
  af2277b9dee6368c359d33d5627e831e30ee783e05fc2440d9a5dff7cb061d665d9549f6a993675c110a105a77f792e33d72a7431ce78b601c971c08eff4dbdc
- SSDEEP
  
  6144:tSAqWATnZSdjM6SoqizS0vzyCpMJE1d5L+H328r5h:thUMdjRLLztpMJAz+X225h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2