09dd3f7accfe4984e7559035d470f6cdf901007dda3deac6d66f9b927c8925de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0761cedb7966784a61b570be2509e6e9_JaffaCakes118
Size

495KB
Sample

240429-lw5h4agc2v
MD5

0761cedb7966784a61b570be2509e6e9
SHA1

2963268afec25fa3d74595ae7b2c32170dad49f2
SHA256

09dd3f7accfe4984e7559035d470f6cdf901007dda3deac6d66f9b927c8925de
SHA512

3e3e6960d5a6161c16518f6768ef3513e244e25556a0dabca7974162965df90ee91195d48cd921496e0c10fe3210bd552308acb75ea03d4380f2066a521f0b5f
SSDEEP

12288:b1b9Rs6595DU6OSPbfhnxgc2JeGJXm2sAHjM4+a1w3hlYpJ:b1b9p59NU6OSDfhnKc4eGJX+Ag4/1w3u

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0761cedb7966784a61b570be2509e6e9_JaffaCakes118
- Size
  
  495KB
- MD5
  
  0761cedb7966784a61b570be2509e6e9
- SHA1
  
  2963268afec25fa3d74595ae7b2c32170dad49f2
- SHA256
  
  09dd3f7accfe4984e7559035d470f6cdf901007dda3deac6d66f9b927c8925de
- SHA512
  
  3e3e6960d5a6161c16518f6768ef3513e244e25556a0dabca7974162965df90ee91195d48cd921496e0c10fe3210bd552308acb75ea03d4380f2066a521f0b5f
- SSDEEP
  
  12288:b1b9Rs6595DU6OSPbfhnxgc2JeGJXm2sAHjM4+a1w3hlYpJ:b1b9p59NU6OSDfhnKc4eGJX+Ag4/1w3u
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2