General
-
Target
0d23611706b56da571712099a7feabe2_JaffaCakes118
-
Size
2.9MB
-
Sample
241003-a1x42avgmj
-
MD5
0d23611706b56da571712099a7feabe2
-
SHA1
02b50c0e7c3ed4258cea1258c5bf9e035c14ee59
-
SHA256
5e3e984d129f242ead803a393a0376972434a4fd3732065ebdb7962fd4b08719
-
SHA512
78c191897a83a8cd0a9254d3fc5b2df61fbeab847ac40c044b504631e3c6a929095a64d349081e4c50514fca723ad3c03fd6ae1769f3a944dc1f36b9dceefda0
-
SSDEEP
49152:iOgyc8rcJRy4T8elRVaMiBdo9sn7n5euiWndluRTAEvXPlqVsUIeFIQG:iNyYjgXB6927nKnlZXWdFIQG
Malware Config
Targets
-
-
Target
0d23611706b56da571712099a7feabe2_JaffaCakes118
-
Size
2.9MB
-
MD5
0d23611706b56da571712099a7feabe2
-
SHA1
02b50c0e7c3ed4258cea1258c5bf9e035c14ee59
-
SHA256
5e3e984d129f242ead803a393a0376972434a4fd3732065ebdb7962fd4b08719
-
SHA512
78c191897a83a8cd0a9254d3fc5b2df61fbeab847ac40c044b504631e3c6a929095a64d349081e4c50514fca723ad3c03fd6ae1769f3a944dc1f36b9dceefda0
-
SSDEEP
49152:iOgyc8rcJRy4T8elRVaMiBdo9sn7n5euiWndluRTAEvXPlqVsUIeFIQG:iNyYjgXB6927nKnlZXWdFIQG
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1