General

  • Target

    ee405277b852e50900286c0c459bb825_JaffaCakes118

  • Size

    498KB

  • Sample

    240920-xwj3yatajm

  • MD5

    ee405277b852e50900286c0c459bb825

  • SHA1

    0f928867aee0ae01752ec28c818a9844658eaa5c

  • SHA256

    dc3b158e06ca5cb37f35a96aee39fd000ed5a1a26ef69ad8a7e6d39a6f228ebd

  • SHA512

    d0c5651bbc443553d840ecde25ab0ea926eab9be21335e2e4ac7aed7ae1258aa54168748fc8a3e742a90bda44dbc3bda2faef5514215291e76f87a82f2005a72

  • SSDEEP

    12288:CjyvdbX024ALz8LSK8bCElahx0Ntu4Z810AioUPxa6uf3I9W:UMdbxd/CElS0C4Z8ENPxFufY

Score
10/10

Targets

    • Target

      ee405277b852e50900286c0c459bb825_JaffaCakes118

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies WinLogon

    • Drops file in System32 directory
