General
Target
1aeea49d25b4dc6e42724c9c0d2e9296_JaffaCakes118
Size
10KB
Sample
240701-me9xxswcna
MD5
1aeea49d25b4dc6e42724c9c0d2e9296
SHA1
2d5e850c7f8872a994ac3eee8fd14f082e46ce05
SHA256
8b2bfe0e55b5ac5bdc545a14b1564d07da18adf59670184f05f6c9f2549ed5d6
SHA512
bf3146ed58df01d93d2a5c185c034e2a86ecc95beab81e3501736e0f9e38a7068bcc941df12c10681284f7a76b84939311726eb1ead2e96ded185810991bfd96
SSDEEP
192:/TojHDbwLgReF4UjMN2z+Ko4SSFaNJhLkwcud2DH9VwGfctexPe85/OS/oJKWQW8:/TojHDbwIeF4ISRJWaNJawcudoD7Unlo
Static task
static1
Behavioral task
behavioral1
Sample
1aeea49d25b4dc6e42724c9c0d2e9296_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1aeea49d25b4dc6e42724c9c0d2e9296_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
1aeea49d25b4dc6e42724c9c0d2e9296_JaffaCakes118
Score
10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Event Triggered Execution: Image File Execution Options Injection
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)