bf34b749f59b4dff25f1f6b24a2024c2cf65069805e7248f831eb7facd90eedd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26b1dba20fee45fa44c3c9e6d2287c11_JaffaCakes118
Size

264KB
Sample

240704-3t63ksyeqc
MD5

26b1dba20fee45fa44c3c9e6d2287c11
SHA1

c87cc31bc4518eff58167ee7474e4dd9803fc7a2
SHA256

bf34b749f59b4dff25f1f6b24a2024c2cf65069805e7248f831eb7facd90eedd
SHA512

05a2403eeafd5af1e43edd854e0f87453b9e523c857e3e13cb19062e55af37d00c288a04f2886b27c1f823aa11a4dc03629334daaeb0fded107b2a1c0c6d0827
SSDEEP

6144:YtXf2HVyYKmKb0dtklTVKyuNitw1RfO+nDs3hoZicmnSJhEKPV9:YtXfcKmKItlBEAWpycoJ9z

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  26b1dba20fee45fa44c3c9e6d2287c11_JaffaCakes118
- Size
  
  264KB
- MD5
  
  26b1dba20fee45fa44c3c9e6d2287c11
- SHA1
  
  c87cc31bc4518eff58167ee7474e4dd9803fc7a2
- SHA256
  
  bf34b749f59b4dff25f1f6b24a2024c2cf65069805e7248f831eb7facd90eedd
- SHA512
  
  05a2403eeafd5af1e43edd854e0f87453b9e523c857e3e13cb19062e55af37d00c288a04f2886b27c1f823aa11a4dc03629334daaeb0fded107b2a1c0c6d0827
- SSDEEP
  
  6144:YtXf2HVyYKmKb0dtklTVKyuNitw1RfO+nDs3hoZicmnSJhEKPV9:YtXfcKmKItlBEAWpycoJ9z
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2