c02a3a3ed8a93de0723decdc2cfef6c9c05b74d444de7295fa801dd4a73fab0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfcb41c934cbc43ad6b36f8aeb7e5568_JaffaCakes118
Size

1.2MB
Sample

240825-a652ts1apk
MD5

bfcb41c934cbc43ad6b36f8aeb7e5568
SHA1

8eec3b504504465cf2baa76b5fd8b3da10f843cd
SHA256

c02a3a3ed8a93de0723decdc2cfef6c9c05b74d444de7295fa801dd4a73fab0b
SHA512

af1f970de560f4bded95d63870b370b179603feab970c99ff01081df6809e863d5049e2f8c493a03fb14870bdae857d4fcd6531089e12563a27fe303ac6f7cc3
SSDEEP

24576:FuieJ4nna0Lf2YAV2snE1v6A/fY1dAZCkEpUf4Kl:FNwona0DjG2vppCkEpUfBl

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  bfcb41c934cbc43ad6b36f8aeb7e5568_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  bfcb41c934cbc43ad6b36f8aeb7e5568
- SHA1
  
  8eec3b504504465cf2baa76b5fd8b3da10f843cd
- SHA256
  
  c02a3a3ed8a93de0723decdc2cfef6c9c05b74d444de7295fa801dd4a73fab0b
- SHA512
  
  af1f970de560f4bded95d63870b370b179603feab970c99ff01081df6809e863d5049e2f8c493a03fb14870bdae857d4fcd6531089e12563a27fe303ac6f7cc3
- SSDEEP
  
  24576:FuieJ4nna0Lf2YAV2snE1v6A/fY1dAZCkEpUf4Kl:FNwona0DjG2vppCkEpUfBl
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence