d1b0bacd22b94bbdecf1dd6e411d3c2fd1c0c8397df9fdc44f07a309c54a3597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f62260f298ec31a6565fc1c67d74256_JaffaCakes118
Size

263KB
Sample

240712-3zce6awfpr
MD5

3f62260f298ec31a6565fc1c67d74256
SHA1

87cd80705e4bef697be1739fadbf50b00f480970
SHA256

d1b0bacd22b94bbdecf1dd6e411d3c2fd1c0c8397df9fdc44f07a309c54a3597
SHA512

e3d35b1a12dfbb86996ac3cc126fa5aab21a1e2edf075473fc49ace89f1ac13051b69aa977ee260408415f5785cbaa958ab7351247d1dc57ae24b457ff2fff0c
SSDEEP

6144:7hPZy+chYf9vFAQewiHStKoOZ3j7BAkQd/b+TGCokrArDP6c:jBf9FLlpOJxQdjlD7

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3f62260f298ec31a6565fc1c67d74256_JaffaCakes118
- Size
  
  263KB
- MD5
  
  3f62260f298ec31a6565fc1c67d74256
- SHA1
  
  87cd80705e4bef697be1739fadbf50b00f480970
- SHA256
  
  d1b0bacd22b94bbdecf1dd6e411d3c2fd1c0c8397df9fdc44f07a309c54a3597
- SHA512
  
  e3d35b1a12dfbb86996ac3cc126fa5aab21a1e2edf075473fc49ace89f1ac13051b69aa977ee260408415f5785cbaa958ab7351247d1dc57ae24b457ff2fff0c
- SSDEEP
  
  6144:7hPZy+chYf9vFAQewiHStKoOZ3j7BAkQd/b+TGCokrArDP6c:jBf9FLlpOJxQdjlD7
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2