7300747c1dc00004d4038cb320d2c59d6931606d03f8e476168ebf49cb060962 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2132be2b5e4a551635114748e33af17d_JaffaCakes118
Size

268KB
Sample

240703-fz3wsatarq
MD5

2132be2b5e4a551635114748e33af17d
SHA1

f26c8bf68d3a0f3879d632d24ecbc0754b5ec9fd
SHA256

7300747c1dc00004d4038cb320d2c59d6931606d03f8e476168ebf49cb060962
SHA512

d5f6d7b612fad61750dde38955f5200dde6de779ee60c70d75f89e858ac3a88eef008cb9fc8981b2cc8000a9af7b5ba54123319292c5a6e8bc21dd956e28ed2e
SSDEEP

6144:+Rkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:+Rg+allJ0LcKNyR3SM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2132be2b5e4a551635114748e33af17d_JaffaCakes118
- Size
  
  268KB
- MD5
  
  2132be2b5e4a551635114748e33af17d
- SHA1
  
  f26c8bf68d3a0f3879d632d24ecbc0754b5ec9fd
- SHA256
  
  7300747c1dc00004d4038cb320d2c59d6931606d03f8e476168ebf49cb060962
- SHA512
  
  d5f6d7b612fad61750dde38955f5200dde6de779ee60c70d75f89e858ac3a88eef008cb9fc8981b2cc8000a9af7b5ba54123319292c5a6e8bc21dd956e28ed2e
- SSDEEP
  
  6144:+Rkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:+Rg+allJ0LcKNyR3SM
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2