8d7235cd8fa83b1baf551ac725807b3b18126a9d18fe1eeb05510098368ab41c | Triage

Sharing

General

Target

20ddc972f71c8e584ed2c43254eb811b_JaffaCakes118
Size

132KB
Sample

240703-djpywathpg
MD5

20ddc972f71c8e584ed2c43254eb811b
SHA1

3d76e5c230f7637c6c0b842476b214b4b63891ab
SHA256

8d7235cd8fa83b1baf551ac725807b3b18126a9d18fe1eeb05510098368ab41c
SHA512

76d1b506b659af0b6e1e163af45219f2eb323a074773f43d4dc48bcda21a553945f71d9319b96f93f4161d5ce508f4e01fc7a2fe96c9823fda3f5392850f51a4
SSDEEP

1536:tKF06tFtToUuvACiUvfkM4jxilb2uLdSVq2naRIUfEJlrFV39HB4FvCHt:EF08foUuvACiJQTgnaRIUf6lRfHBO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  20ddc972f71c8e584ed2c43254eb811b_JaffaCakes118
- Size
  
  132KB
- MD5
  
  20ddc972f71c8e584ed2c43254eb811b
- SHA1
  
  3d76e5c230f7637c6c0b842476b214b4b63891ab
- SHA256
  
  8d7235cd8fa83b1baf551ac725807b3b18126a9d18fe1eeb05510098368ab41c
- SHA512
  
  76d1b506b659af0b6e1e163af45219f2eb323a074773f43d4dc48bcda21a553945f71d9319b96f93f4161d5ce508f4e01fc7a2fe96c9823fda3f5392850f51a4
- SSDEEP
  
  1536:tKF06tFtToUuvACiUvfkM4jxilb2uLdSVq2naRIUfEJlrFV39HB4FvCHt:EF08foUuvACiJQTgnaRIUf6lRfHBO
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2