b8a3c192f73e009679fe683551860201e6adb44b974e9a99f780ac4c6c817d3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f01579aa017b0cc6699488dfad03e59c_JaffaCakes118
Size

156KB
Sample

240415-cxyx9seh7z
MD5

f01579aa017b0cc6699488dfad03e59c
SHA1

6d072c5d7a1510971f85f164ae943d29b3ee79cc
SHA256

b8a3c192f73e009679fe683551860201e6adb44b974e9a99f780ac4c6c817d3e
SHA512

57d32cd3393511c2e3447a27d40fb80a29a780fb2a15fb43af00e04fc5cfdb7574441a9da61cae9c1bff988d2482ecb29c47d8c5f9da83e5dc26a5a70dcc1c0c
SSDEEP

3072:1eE1FcNE9IlGM1FDDMaVfg9QjUeXKt4EdE/RSG2OlncIznP7ANX:1esFcNE9IrDDMaVfrjUW2W3zzAN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f01579aa017b0cc6699488dfad03e59c_JaffaCakes118
- Size
  
  156KB
- MD5
  
  f01579aa017b0cc6699488dfad03e59c
- SHA1
  
  6d072c5d7a1510971f85f164ae943d29b3ee79cc
- SHA256
  
  b8a3c192f73e009679fe683551860201e6adb44b974e9a99f780ac4c6c817d3e
- SHA512
  
  57d32cd3393511c2e3447a27d40fb80a29a780fb2a15fb43af00e04fc5cfdb7574441a9da61cae9c1bff988d2482ecb29c47d8c5f9da83e5dc26a5a70dcc1c0c
- SSDEEP
  
  3072:1eE1FcNE9IlGM1FDDMaVfg9QjUeXKt4EdE/RSG2OlncIznP7ANX:1esFcNE9IrDDMaVfrjUW2W3zzAN
Score

7^/10

persistence
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2