2c4ba0373dfb86fb7c81a14b03f44dc4d8205e02941d2975c819ebbab91b79ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

474bf4429ad1dad79e0570a0bdec9d44_JaffaCakes118
Size

3KB
Sample

240714-3q8f8szhkg
MD5

474bf4429ad1dad79e0570a0bdec9d44
SHA1

639404ef7e858b7752f9a2c16f54754169b4ce7a
SHA256

2c4ba0373dfb86fb7c81a14b03f44dc4d8205e02941d2975c819ebbab91b79ae
SHA512

b6f71c47655e95647af83413f9fad6c8a6e46ef50b7059766d8d666571c76570f3612bea3daf3308b67bd36b5e5453bcadfe0aa472653a23644133f9ccc5c197

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  474bf4429ad1dad79e0570a0bdec9d44_JaffaCakes118
- Size
  
  3KB
- MD5
  
  474bf4429ad1dad79e0570a0bdec9d44
- SHA1
  
  639404ef7e858b7752f9a2c16f54754169b4ce7a
- SHA256
  
  2c4ba0373dfb86fb7c81a14b03f44dc4d8205e02941d2975c819ebbab91b79ae
- SHA512
  
  b6f71c47655e95647af83413f9fad6c8a6e46ef50b7059766d8d666571c76570f3612bea3daf3308b67bd36b5e5453bcadfe0aa472653a23644133f9ccc5c197
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2