fee3705df6367e0f26d12eceb184caea38e7e90d3eea852b66922a3323961203 | Triage

Sharing

General

Target

9476c274073635be6bfa1cdd4b120bc7_JaffaCakes118
Size

277KB
Sample

240813-yd7xqasfkh
MD5

9476c274073635be6bfa1cdd4b120bc7
SHA1

99e66d8457e09181ad83b470a0a6fc316e488f67
SHA256

fee3705df6367e0f26d12eceb184caea38e7e90d3eea852b66922a3323961203
SHA512

37916da79c78a638bf403cab7f99b646e5e3c29a713a324ebf6a9d57dce6829b51f61c1ab7bdfe423a331b6654b27b342b5fad0f87eeaf27d2d714947316db4e
SSDEEP

6144:X1TnDzopfUxko17BX/ECry0Eya7dSYl0Od/P+9:X1TDeo59EgUgYl08+

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9476c274073635be6bfa1cdd4b120bc7_JaffaCakes118
- Size
  
  277KB
- MD5
  
  9476c274073635be6bfa1cdd4b120bc7
- SHA1
  
  99e66d8457e09181ad83b470a0a6fc316e488f67
- SHA256
  
  fee3705df6367e0f26d12eceb184caea38e7e90d3eea852b66922a3323961203
- SHA512
  
  37916da79c78a638bf403cab7f99b646e5e3c29a713a324ebf6a9d57dce6829b51f61c1ab7bdfe423a331b6654b27b342b5fad0f87eeaf27d2d714947316db4e
- SSDEEP
  
  6144:X1TnDzopfUxko17BX/ECry0Eya7dSYl0Od/P+9:X1TDeo59EgUgYl08+
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence