09fa910dc999a046dc57eb2b46483c36e3a95856e9b13ca100b18e9ee9ea06f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06a6d578239ceaaf4bf6fe940954402b_JaffaCakes118
Size

678KB
Sample

240429-c99kjaga26
MD5

06a6d578239ceaaf4bf6fe940954402b
SHA1

218aa0dad0043663e319646814103bde62510f71
SHA256

09fa910dc999a046dc57eb2b46483c36e3a95856e9b13ca100b18e9ee9ea06f5
SHA512

e89a0f476932477f488ab10a52814c794dd387f9201aaaa3ac723336e42b2605b67c411f808952d4e9aa7272b683fb321fd14c5e1727e8dea20619b980a10fb8
SSDEEP

12288:b1b97IaFLWiUH2I7PODy5oTKMlDhfD25Uvi0jBip/zUA2Y7ZwztmuUEew44O:b1b9JFyd7GDy6tlDdEUvi0K7kYYtQlj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  06a6d578239ceaaf4bf6fe940954402b_JaffaCakes118
- Size
  
  678KB
- MD5
  
  06a6d578239ceaaf4bf6fe940954402b
- SHA1
  
  218aa0dad0043663e319646814103bde62510f71
- SHA256
  
  09fa910dc999a046dc57eb2b46483c36e3a95856e9b13ca100b18e9ee9ea06f5
- SHA512
  
  e89a0f476932477f488ab10a52814c794dd387f9201aaaa3ac723336e42b2605b67c411f808952d4e9aa7272b683fb321fd14c5e1727e8dea20619b980a10fb8
- SSDEEP
  
  12288:b1b97IaFLWiUH2I7PODy5oTKMlDhfD25Uvi0jBip/zUA2Y7ZwztmuUEew44O:b1b9JFyd7GDy6tlDdEUvi0K7kYYtQlj
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2