4cc9123896fec137f58d53cea1d401bed5ea725c70522b87cf0fb033680f7feb | Triage

Sharing

General

Target

f1a46273c9213e9569bce5d76ab29fd8_JaffaCakes118
Size

49KB
Sample

240415-wgj9qace39
MD5

f1a46273c9213e9569bce5d76ab29fd8
SHA1

98ce43aa0d8f67f3cf83c4b6128077e3f8402b75
SHA256

4cc9123896fec137f58d53cea1d401bed5ea725c70522b87cf0fb033680f7feb
SHA512

fe18e13df9fd02f8b7ca1a99a10e2f3ee7db3ee2f03e357defb0394cd2335520a486824406c323997099ea5a422a3f43a7ae98ba7e4e6e09af1ad11df5550bc0
SSDEEP

768:9E/kDdY9tX8vvpOclUNOO7ZoHQXPbWAEVqAlg+VkGtOYDwpi8C96skwzNSn:iv9tEpOclUIIZPf5N+Vrnm5hwJS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f1a46273c9213e9569bce5d76ab29fd8_JaffaCakes118
- Size
  
  49KB
- MD5
  
  f1a46273c9213e9569bce5d76ab29fd8
- SHA1
  
  98ce43aa0d8f67f3cf83c4b6128077e3f8402b75
- SHA256
  
  4cc9123896fec137f58d53cea1d401bed5ea725c70522b87cf0fb033680f7feb
- SHA512
  
  fe18e13df9fd02f8b7ca1a99a10e2f3ee7db3ee2f03e357defb0394cd2335520a486824406c323997099ea5a422a3f43a7ae98ba7e4e6e09af1ad11df5550bc0
- SSDEEP
  
  768:9E/kDdY9tX8vvpOclUNOO7ZoHQXPbWAEVqAlg+VkGtOYDwpi8C96skwzNSn:iv9tEpOclUIIZPf5N+Vrnm5hwJS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2