7e66c835417f2a237797a22551173e8df3daa7609c4030884efb9c13acd28f21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6297de4db7db6d92e84e98bea2b23889_JaffaCakes118
Size

113KB
Sample

240722-kv2v5sydqg
MD5

6297de4db7db6d92e84e98bea2b23889
SHA1

4aaa5ec9090bd6d03103c03565ea34757be6cd28
SHA256

7e66c835417f2a237797a22551173e8df3daa7609c4030884efb9c13acd28f21
SHA512

051bad82d139a36e7979eab8e49c087bba46286319f7ef5b4456227df8dcd4345998616e0853fa397e61d72be4b6bf26b17a4d7b37a8994d3c9a7f49027b778d
SSDEEP

768:Y9JDcUsuYweMggNz0zFYM9M2AT91kRJ4f3ijYn+GFCiXFzgrPWcyU:Y9JiukMPwL22ATYRJ4f3SY+cCmRg6cr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6297de4db7db6d92e84e98bea2b23889_JaffaCakes118
- Size
  
  113KB
- MD5
  
  6297de4db7db6d92e84e98bea2b23889
- SHA1
  
  4aaa5ec9090bd6d03103c03565ea34757be6cd28
- SHA256
  
  7e66c835417f2a237797a22551173e8df3daa7609c4030884efb9c13acd28f21
- SHA512
  
  051bad82d139a36e7979eab8e49c087bba46286319f7ef5b4456227df8dcd4345998616e0853fa397e61d72be4b6bf26b17a4d7b37a8994d3c9a7f49027b778d
- SSDEEP
  
  768:Y9JDcUsuYweMggNz0zFYM9M2AT91kRJ4f3ijYn+GFCiXFzgrPWcyU:Y9JiukMPwL22ATYRJ4f3SY+cCmRg6cr
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2