c7af45d19f4207c4141ea4505421e6a8d4b1bc3528002d21d17728daa6af2757 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

055e5f8fe165ea7bd7110ad6585b8f8b_JaffaCakes118
Size

213KB
Sample

240428-rjcv7shd58
MD5

055e5f8fe165ea7bd7110ad6585b8f8b
SHA1

531b814d7908e08eb811ee7d4d24ec64bcd459f1
SHA256

c7af45d19f4207c4141ea4505421e6a8d4b1bc3528002d21d17728daa6af2757
SHA512

f1d2551f1c05aac75f03ce10f33186f32558ee72f77db6648eed109d96d2023172554920a456ce1c5259316fea5a8a50fd6c16a165e01214f147d857ca138e41
SSDEEP

3072:p1B31bdBob2QXoBEfgghXcBX/j2uy0HaMnGElmgI3FTgZ61AuUGsIYt:p731bdBaBoB8gghXctjLnNsgI3pnUvft

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  055e5f8fe165ea7bd7110ad6585b8f8b_JaffaCakes118
- Size
  
  213KB
- MD5
  
  055e5f8fe165ea7bd7110ad6585b8f8b
- SHA1
  
  531b814d7908e08eb811ee7d4d24ec64bcd459f1
- SHA256
  
  c7af45d19f4207c4141ea4505421e6a8d4b1bc3528002d21d17728daa6af2757
- SHA512
  
  f1d2551f1c05aac75f03ce10f33186f32558ee72f77db6648eed109d96d2023172554920a456ce1c5259316fea5a8a50fd6c16a165e01214f147d857ca138e41
- SSDEEP
  
  3072:p1B31bdBob2QXoBEfgghXcBX/j2uy0HaMnGElmgI3FTgZ61AuUGsIYt:p731bdBaBoB8gghXctjLnNsgI3pnUvft
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2