06923c2284e42cb4c8280c652ad6c3975489a8b1ad84ad327dafabf6da5ac033 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

637ede27e78cd5ed3d2c715806eef558_JaffaCakes118
Size

271KB
Sample

240722-rj33dssemr
MD5

637ede27e78cd5ed3d2c715806eef558
SHA1

1921f5e96a1ad2d0dfe6de153b51807973894e0d
SHA256

06923c2284e42cb4c8280c652ad6c3975489a8b1ad84ad327dafabf6da5ac033
SHA512

86e77459ac8ac5b739561e54fac81007923b0e9295415a4e156b81129175407d53d25f85d29887e0fefeedcb298f03e27f65486bbeae34ab7f3d5e19403bbf68
SSDEEP

6144:+TC+lme8mX3yogwtYMJn3Vf9SCpHpXo/dXdfoaj:+R8mXXgM13VfXpJUDj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  637ede27e78cd5ed3d2c715806eef558_JaffaCakes118
- Size
  
  271KB
- MD5
  
  637ede27e78cd5ed3d2c715806eef558
- SHA1
  
  1921f5e96a1ad2d0dfe6de153b51807973894e0d
- SHA256
  
  06923c2284e42cb4c8280c652ad6c3975489a8b1ad84ad327dafabf6da5ac033
- SHA512
  
  86e77459ac8ac5b739561e54fac81007923b0e9295415a4e156b81129175407d53d25f85d29887e0fefeedcb298f03e27f65486bbeae34ab7f3d5e19403bbf68
- SSDEEP
  
  6144:+TC+lme8mX3yogwtYMJn3Vf9SCpHpXo/dXdfoaj:+R8mXXgM13VfXpJUDj
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2