General
-
Target
ed9cb2f3d3da05fc5ed9db498376aba6_JaffaCakes118
-
Size
165KB
-
Sample
240920-pxtprsxcpj
-
MD5
ed9cb2f3d3da05fc5ed9db498376aba6
-
SHA1
59036e34b960a219017329958213448e2cc191ec
-
SHA256
0ec6f0ebaf4d0e0d90e965467890b780ecd3165d1fa3d8159f6bda06814c7cc0
-
SHA512
8924201c8fb5360bc0cccebbbb600ee337e2f511ce81569162963c485f2ca26301790b8e5ba0d71ff643df803ec74537a0026596ea2d4567430553a136c41222
-
SSDEEP
3072:DJ60eHeen2sp7Z2gcsRxAry4yLcW9uf3/jv+Y2l2SsU5t1rb+ys9jGL7sY5:DJhZQxpZ2gcoCMB+jvH2XZ+7h9S
Malware Config
Targets
-
-
Target
ed9cb2f3d3da05fc5ed9db498376aba6_JaffaCakes118
-
Size
165KB
-
MD5
ed9cb2f3d3da05fc5ed9db498376aba6
-
SHA1
59036e34b960a219017329958213448e2cc191ec
-
SHA256
0ec6f0ebaf4d0e0d90e965467890b780ecd3165d1fa3d8159f6bda06814c7cc0
-
SHA512
8924201c8fb5360bc0cccebbbb600ee337e2f511ce81569162963c485f2ca26301790b8e5ba0d71ff643df803ec74537a0026596ea2d4567430553a136c41222
-
SSDEEP
3072:DJ60eHeen2sp7Z2gcsRxAry4yLcW9uf3/jv+Y2l2SsU5t1rb+ys9jGL7sY5:DJhZQxpZ2gcoCMB+jvH2XZ+7h9S
Score10/10-
Modifies WinLogon for persistence
-
Disables Task Manager via registry modification
-
Impair Defenses: Safe Mode Boot
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-