e7a7a4e7410d3898e638bbb01636fd477cd97a7f0236f1ef1d9409b452b4c965 | Triage

Sharing

General

Target

0b149946996599376c351f25827e78a0_JaffaCakes118
Size

113KB
Sample

240501-fcg1ssac68
MD5

0b149946996599376c351f25827e78a0
SHA1

58e19346b1c9dfe255f04e799c92ac7ebe94d900
SHA256

e7a7a4e7410d3898e638bbb01636fd477cd97a7f0236f1ef1d9409b452b4c965
SHA512

ac29a068e856abaab5629dd645b0437c72ec9ddc20a8c36501b05cb20ee931d1b074bd3f07d0d2c46cad23a13e8cd5a77c75785a66fe90014cd1b991024d29b0
SSDEEP

1536:vaiqH1s+kCtrA2UMT0mTFibDKa1Xm498ZzEFmNTl2j3GHReyRFVi2Yvc1Z1P4usj:C1B31bdBob2QXV8ZzEWlPnViQ1wu0

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0b149946996599376c351f25827e78a0_JaffaCakes118
- Size
  
  113KB
- MD5
  
  0b149946996599376c351f25827e78a0
- SHA1
  
  58e19346b1c9dfe255f04e799c92ac7ebe94d900
- SHA256
  
  e7a7a4e7410d3898e638bbb01636fd477cd97a7f0236f1ef1d9409b452b4c965
- SHA512
  
  ac29a068e856abaab5629dd645b0437c72ec9ddc20a8c36501b05cb20ee931d1b074bd3f07d0d2c46cad23a13e8cd5a77c75785a66fe90014cd1b991024d29b0
- SSDEEP
  
  1536:vaiqH1s+kCtrA2UMT0mTFibDKa1Xm498ZzEFmNTl2j3GHReyRFVi2Yvc1Z1P4usj:C1B31bdBob2QXV8ZzEWlPnViQ1wu0
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2