f968cb7b7ef36711aa1b6622c98c8fce71adde2d0e4ea213bae86686dae53ad0 | Triage

Sharing

General

Target

f0501cda164169ece14a587b45a58159_JaffaCakes118
Size

355KB
Sample

240415-e5bttaee83
MD5

f0501cda164169ece14a587b45a58159
SHA1

612f56baaec5c1714aa15df1d08d4e8ea3f8e4bb
SHA256

f968cb7b7ef36711aa1b6622c98c8fce71adde2d0e4ea213bae86686dae53ad0
SHA512

15fdd318dc728a4c5369e93ea297ada60a336a98a91ca4f82fca158791d48dd908e82e2b02d093543fe8c0b59eb8816b5a32168e758b286b661bea2eae8abce3
SSDEEP

6144:13EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:amWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f0501cda164169ece14a587b45a58159_JaffaCakes118
- Size
  
  355KB
- MD5
  
  f0501cda164169ece14a587b45a58159
- SHA1
  
  612f56baaec5c1714aa15df1d08d4e8ea3f8e4bb
- SHA256
  
  f968cb7b7ef36711aa1b6622c98c8fce71adde2d0e4ea213bae86686dae53ad0
- SHA512
  
  15fdd318dc728a4c5369e93ea297ada60a336a98a91ca4f82fca158791d48dd908e82e2b02d093543fe8c0b59eb8816b5a32168e758b286b661bea2eae8abce3
- SSDEEP
  
  6144:13EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:amWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2