98abac4b937b0edc02b10131f998c79c3b253bb390e2349bccbc2a6b3d4468cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44741d0b1ceafb9044ff54a2df952787_JaffaCakes118
Size

243KB
Sample

240714-fxpldaxfqj
MD5

44741d0b1ceafb9044ff54a2df952787
SHA1

be64a3174471f9b39673eb42c19191625a583d62
SHA256

98abac4b937b0edc02b10131f998c79c3b253bb390e2349bccbc2a6b3d4468cb
SHA512

50e35030c364331a27cd9ea17ba188e26634181eac9b55684fcf349eeca6246b680f7ee3b53fcfed2a5d28a2042dd61fec4393293fa9cab6fd95ab48632540f1
SSDEEP

6144:mnScTKd/ASzisjWzxCyEBQFyTrfdiaXuQtqc7YKqkYh:aTKCS2sjWC1rfd/Rtqc7HqkYh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  44741d0b1ceafb9044ff54a2df952787_JaffaCakes118
- Size
  
  243KB
- MD5
  
  44741d0b1ceafb9044ff54a2df952787
- SHA1
  
  be64a3174471f9b39673eb42c19191625a583d62
- SHA256
  
  98abac4b937b0edc02b10131f998c79c3b253bb390e2349bccbc2a6b3d4468cb
- SHA512
  
  50e35030c364331a27cd9ea17ba188e26634181eac9b55684fcf349eeca6246b680f7ee3b53fcfed2a5d28a2042dd61fec4393293fa9cab6fd95ab48632540f1
- SSDEEP
  
  6144:mnScTKd/ASzisjWzxCyEBQFyTrfdiaXuQtqc7YKqkYh:aTKCS2sjWC1rfd/Rtqc7HqkYh
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2