525a621533388fe211966d5f68017f6da2213c761d73061e848963a2427e1b4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34aee0dcdcbc050198beca599326c92d_JaffaCakes118
Size

255KB
Sample

240710-pf835axcqm
MD5

34aee0dcdcbc050198beca599326c92d
SHA1

fdc2d7cc9ad7e129a28ca9ba0f9f2b3656040739
SHA256

525a621533388fe211966d5f68017f6da2213c761d73061e848963a2427e1b4e
SHA512

c003cd43d73cd7a94fde0c6000a8a329f885194dd7f8ce902d5ba35aa52e4262cae601011f571d474195a145734dfeeefae8ade1b8704ec6fea6fbccbe2e85b6
SSDEEP

6144:KNU2+2kcTBWUZxjCld3hRV2QsXSAaj4ijpFaQTQisa:KNRdpgdRRoTCD4ijpoix

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  34aee0dcdcbc050198beca599326c92d_JaffaCakes118
- Size
  
  255KB
- MD5
  
  34aee0dcdcbc050198beca599326c92d
- SHA1
  
  fdc2d7cc9ad7e129a28ca9ba0f9f2b3656040739
- SHA256
  
  525a621533388fe211966d5f68017f6da2213c761d73061e848963a2427e1b4e
- SHA512
  
  c003cd43d73cd7a94fde0c6000a8a329f885194dd7f8ce902d5ba35aa52e4262cae601011f571d474195a145734dfeeefae8ade1b8704ec6fea6fbccbe2e85b6
- SSDEEP
  
  6144:KNU2+2kcTBWUZxjCld3hRV2QsXSAaj4ijpFaQTQisa:KNRdpgdRRoTCD4ijpoix
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2