General
-
Target
262f71ce88f5315b8e78330d7f2be289_JaffaCakes118
-
Size
51KB
-
Sample
240704-zr1w1a1bqh
-
MD5
262f71ce88f5315b8e78330d7f2be289
-
SHA1
7939fc01f5a5d626607f82e0d5b51a45ae140b8e
-
SHA256
422d5d57e148e46a2bb70d463926d84f78b78fc3a1abf074776e80d6f2a5791a
-
SHA512
98ee4be18196279932bc8bd1473e994f7580efe59c815c1239f33927ac1fd66d94cb5727361f14a503dbb962b91afd9d7c000aada45f9d34a9d5b6e08a7ba972
-
SSDEEP
768:LzUDtNQtNHEXfe8l6SdK8fHPfekFKB3qaSxQZthxxdeVCech1+Y:cTIHvD8fHf00aSKtPccX+
Static task
static1
Behavioral task
behavioral1
Sample
262f71ce88f5315b8e78330d7f2be289_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
262f71ce88f5315b8e78330d7f2be289_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
262f71ce88f5315b8e78330d7f2be289_JaffaCakes118
-
Score
10/10
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)