General
-
Target
154e078a01c64594670fc142909254ee_JaffaCakes118
-
Size
723KB
-
Sample
240627-j9g9lstcrk
-
MD5
154e078a01c64594670fc142909254ee
-
SHA1
22cae4c77eb6e3ff4163b39b65dafceb935e1f11
-
SHA256
7c76299e3ac43fd7282eb0a981138f2e4e8a6521cc2ba7486049c8c92ad68900
-
SHA512
323d1ac93b1676834c21d267f23a0e08aced1677fe939cc8d205d3a49da3c834729799a7f31983cfae16da1e5908093481732653cb8aa7bbdd70ba8968a3c172
-
SSDEEP
12288:7FLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafBo6vnTylKM/q9jJr:Z3nbWmJVJFwSddIXvfhqbia/v2jq9V
Behavioral task
behavioral1
Sample
154e078a01c64594670fc142909254ee_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
Target
154e078a01c64594670fc142909254ee_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution: 2
  Registry Run Keys / Startup Folder: 1
  Winlogon Helper DLL: 1
Create or Modify System Process: 2
  Windows Service: 2
Privilege Escalation
Boot or Logon Autostart Execution: 2
  Registry Run Keys / Startup Folder: 1
  Winlogon Helper DLL: 1
Create or Modify System Process: 2
  Windows Service: 2