53be3a39c7340867acd254e93d3439a765f385b28e196da8528320d80aec5fff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60083ddea451dbae2ab2b7f92ddd2ce0_JaffaCakes118
Size

253KB
Sample

240720-l29p1axbrp
MD5

60083ddea451dbae2ab2b7f92ddd2ce0
SHA1

25f0d4515926b9081e4741362a6fbe89a2565b88
SHA256

53be3a39c7340867acd254e93d3439a765f385b28e196da8528320d80aec5fff
SHA512

6d7ceb4f7c8dd5698efe9fd5b76ed0a7abaf3fb9fbbe1fcf3105799185f41e492c5db45c1bb3d0f3588e17bd032ef0563fe1d62f042fa4f15afdb9e279cdbb79
SSDEEP

6144:Aj89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:7yTjOxa0+ZdsLTLGJC2WNYrU7

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  60083ddea451dbae2ab2b7f92ddd2ce0_JaffaCakes118
- Size
  
  253KB
- MD5
  
  60083ddea451dbae2ab2b7f92ddd2ce0
- SHA1
  
  25f0d4515926b9081e4741362a6fbe89a2565b88
- SHA256
  
  53be3a39c7340867acd254e93d3439a765f385b28e196da8528320d80aec5fff
- SHA512
  
  6d7ceb4f7c8dd5698efe9fd5b76ed0a7abaf3fb9fbbe1fcf3105799185f41e492c5db45c1bb3d0f3588e17bd032ef0563fe1d62f042fa4f15afdb9e279cdbb79
- SSDEEP
  
  6144:Aj89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:7yTjOxa0+ZdsLTLGJC2WNYrU7
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2