7b80de33f9a7cf18003ba48577d6f36f1fbdca480d113bfe7b7c3f0ff43f4d9b | Triage

Sharing

General

Target

ea734563e4b9084ae2f4a682f4630b5f_JaffaCakes118
Size

255KB
Sample

240919-dbjrwsxbqe
MD5

ea734563e4b9084ae2f4a682f4630b5f
SHA1

3b910c266509d73217eedd7ad12cc1aa73ddc603
SHA256

7b80de33f9a7cf18003ba48577d6f36f1fbdca480d113bfe7b7c3f0ff43f4d9b
SHA512

e42de35635028a7b23c96b9da045350f6a7884ff6b75005e6ed100d8afbeab38d2e2bef70ce8caec29132f52b0293430cb6c9037f8696be5e508473674d92c5b
SSDEEP

6144:LEpfkHTHxBxcz3G+GOv3pHS+rwfgfVnuTJT+:VHTHxBxczG+GOv3pHS+rp9uk

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  ea734563e4b9084ae2f4a682f4630b5f_JaffaCakes118
- Size
  
  255KB
- MD5
  
  ea734563e4b9084ae2f4a682f4630b5f
- SHA1
  
  3b910c266509d73217eedd7ad12cc1aa73ddc603
- SHA256
  
  7b80de33f9a7cf18003ba48577d6f36f1fbdca480d113bfe7b7c3f0ff43f4d9b
- SHA512
  
  e42de35635028a7b23c96b9da045350f6a7884ff6b75005e6ed100d8afbeab38d2e2bef70ce8caec29132f52b0293430cb6c9037f8696be5e508473674d92c5b
- SSDEEP
  
  6144:LEpfkHTHxBxcz3G+GOv3pHS+rwfgfVnuTJT+:VHTHxBxczG+GOv3pHS+rp9uk
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence