00eddd138e5dd922674389cfa97a1f083f37fb8436d0bc7da22bb16e79efca9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4104a7da572ae06eb42b3fdc5a262997_JaffaCakes118
Size

262KB
Sample

240713-kv4pqswhlg
MD5

4104a7da572ae06eb42b3fdc5a262997
SHA1

bf15e48f700f01a8b2c1324249da1879e2378615
SHA256

00eddd138e5dd922674389cfa97a1f083f37fb8436d0bc7da22bb16e79efca9d
SHA512

d86caf58fa085c8314272fcb70c5cdf16d9ae4d90645b0c5820166cbb3f1684ae3ec18e4016b1aa0871e3000fe2e8f2c4a73e11eeb6a29deec2ab50bf7de77d8
SSDEEP

6144:aDnegNjNelXOcLG564MMaVdpb2X5kVIXPe7gLSA3Ne9F:aLegNj4OcLG564MMarq5kVIXPeye9F

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4104a7da572ae06eb42b3fdc5a262997_JaffaCakes118
- Size
  
  262KB
- MD5
  
  4104a7da572ae06eb42b3fdc5a262997
- SHA1
  
  bf15e48f700f01a8b2c1324249da1879e2378615
- SHA256
  
  00eddd138e5dd922674389cfa97a1f083f37fb8436d0bc7da22bb16e79efca9d
- SHA512
  
  d86caf58fa085c8314272fcb70c5cdf16d9ae4d90645b0c5820166cbb3f1684ae3ec18e4016b1aa0871e3000fe2e8f2c4a73e11eeb6a29deec2ab50bf7de77d8
- SSDEEP
  
  6144:aDnegNjNelXOcLG564MMaVdpb2X5kVIXPe7gLSA3Ne9F:aLegNj4OcLG564MMarq5kVIXPeye9F
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2