0a203a16fa8e945fe2e801ddffa69c1e59ffdab4de34826abb55efd25f12f661 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e2372c2d1a4f378f840ce214e78a0b4_JaffaCakes118
Size

1.6MB
Sample

240502-lkxn4sgc32
MD5

0e2372c2d1a4f378f840ce214e78a0b4
SHA1

388385a79e75e08b9fd7fa0330d9930cfe490e31
SHA256

0a203a16fa8e945fe2e801ddffa69c1e59ffdab4de34826abb55efd25f12f661
SHA512

b68a9e8597009163e77ea58130d94a19f4253bd1b0d25dd6b9f718b0e288a8611c6c51683738265bbed6c477c6641a610bed5dee046efb8c5187579c7b9422d7
SSDEEP

24576:b1blvpmAxSGbIMiuCXNa0UxL5s1IN4IA2DNf3YtaSEgGqyl4CcNupnNh:bllSN7XNa0IVs1IQ2DCRHG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0e2372c2d1a4f378f840ce214e78a0b4_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  0e2372c2d1a4f378f840ce214e78a0b4
- SHA1
  
  388385a79e75e08b9fd7fa0330d9930cfe490e31
- SHA256
  
  0a203a16fa8e945fe2e801ddffa69c1e59ffdab4de34826abb55efd25f12f661
- SHA512
  
  b68a9e8597009163e77ea58130d94a19f4253bd1b0d25dd6b9f718b0e288a8611c6c51683738265bbed6c477c6641a610bed5dee046efb8c5187579c7b9422d7
- SSDEEP
  
  24576:b1blvpmAxSGbIMiuCXNa0UxL5s1IN4IA2DNf3YtaSEgGqyl4CcNupnNh:bllSN7XNa0IVs1IQ2DCRHG
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2