General
-
Target
7463b5aff2bab49ee46b4a2cdfa5f680_JaffaCakes118
-
Size
7.2MB
-
Sample
240726-rgrlksseml
-
MD5
7463b5aff2bab49ee46b4a2cdfa5f680
-
SHA1
49845384340e447d4b876723af20b29ea8b98f18
-
SHA256
1761c902d3b5f361701adfe9b6a1c9a0157896c60ec114c5502b7913b86c858a
-
SHA512
a39d1cd563fa5c67661fd855832afda0b44ae2607b57e162b9f5c00cbdf086b61e09141993e18e42491232359d7d8e081772128f5e745036c608556279e92ec3
-
SSDEEP
98304:sSlXPw6zyK+Mo6cOb8VR44Ccq429GquzCz94:suXdR+Mo5PVRlgOzCZ
Malware Config
Targets
-
-
Target
7463b5aff2bab49ee46b4a2cdfa5f680_JaffaCakes118
-
Size
7.2MB
-
MD5
7463b5aff2bab49ee46b4a2cdfa5f680
-
SHA1
49845384340e447d4b876723af20b29ea8b98f18
-
SHA256
1761c902d3b5f361701adfe9b6a1c9a0157896c60ec114c5502b7913b86c858a
-
SHA512
a39d1cd563fa5c67661fd855832afda0b44ae2607b57e162b9f5c00cbdf086b61e09141993e18e42491232359d7d8e081772128f5e745036c608556279e92ec3
-
SSDEEP
98304:sSlXPw6zyK+Mo6cOb8VR44Ccq429GquzCz94:suXdR+Mo5PVRlgOzCZ
Score8/10-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Modifies WinLogon
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1