ad67e8eac8acf8c2fe5418ad4245a95f5a68a6d1c5b1c624e8735bdc3b55eb9b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07825405c515a5295fbf49ac0a9f96a3_JaffaCakes118
Size

845KB
Sample

240429-m5dbmshd8w
MD5

07825405c515a5295fbf49ac0a9f96a3
SHA1

5c6b7179324a0f79f4b838d31a5e355e46a644af
SHA256

ad67e8eac8acf8c2fe5418ad4245a95f5a68a6d1c5b1c624e8735bdc3b55eb9b
SHA512

0b09e1f570d7b001bb7af2735f2e0ddddd19e9a7a17c3e6dc653934e5355ef05352b25544421653ac4be08f81fa5ae760bd7dd7eccf9aaedfaeffbd4e6c63ac0
SSDEEP

12288:51bAcZuDbe5BJ0htb1E16AJm/RteLzdVYMWadD4B6tx9rhY+qUCOjccyPkjtjNQU:51bLBJkt+1N+tetKLaOwtVWTOoYniYD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  07825405c515a5295fbf49ac0a9f96a3_JaffaCakes118
- Size
  
  845KB
- MD5
  
  07825405c515a5295fbf49ac0a9f96a3
- SHA1
  
  5c6b7179324a0f79f4b838d31a5e355e46a644af
- SHA256
  
  ad67e8eac8acf8c2fe5418ad4245a95f5a68a6d1c5b1c624e8735bdc3b55eb9b
- SHA512
  
  0b09e1f570d7b001bb7af2735f2e0ddddd19e9a7a17c3e6dc653934e5355ef05352b25544421653ac4be08f81fa5ae760bd7dd7eccf9aaedfaeffbd4e6c63ac0
- SSDEEP
  
  12288:51bAcZuDbe5BJ0htb1E16AJm/RteLzdVYMWadD4B6tx9rhY+qUCOjccyPkjtjNQU:51bLBJkt+1N+tetKLaOwtVWTOoYniYD
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2