General

  • Target

    JaffaCakes118_40d7b58d9c4286a779df6e5aafbb2c7b

  • Size

    103KB

  • Sample

    250127-sjvxfsvnak

  • MD5

    40d7b58d9c4286a779df6e5aafbb2c7b

  • SHA1

    1a9d219aebb82b8599240edc2c2e1c3ee72e7fe6

  • SHA256

    a52c8b1bbe04a653860e8e4cedb0e752c6e117ab88846fa49c641a6b30b56c82

  • SHA512

    399c137f38c150935f21da4ec508f1c4e2390799e0357a5a3bc9f42d2f261c012edb562bdece1be8e22a00b1ffd795bc72d88117775f6be733e1114cd3748178

  • SSDEEP

    1536:HU6P6rUGWkXtcVd00Mo9bUvPE04RZmNnKe3OBmTZCKP+4eJmLI8WsY:YWkX6UckPE04s5h30IxPy/8TY

Score
10/10

Malware Config

Targets

    • Target

      JaffaCakes118_40d7b58d9c4286a779df6e5aafbb2c7b

    Score
    10/10

    • Modifies WinLogon for persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks