eacdcfca2e04083f16a231ad9c3d4443527fd35d8cf86e5e73faacd20bd8bf58 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f226603816fa9df978af7f2909f0632_JaffaCakes118
Size

355KB
Sample

240507-cxx1zaec4t
MD5

1f226603816fa9df978af7f2909f0632
SHA1

5d17e058b9a8cfb4ed5430d549a1291f0866269d
SHA256

eacdcfca2e04083f16a231ad9c3d4443527fd35d8cf86e5e73faacd20bd8bf58
SHA512

8a1a8e0f186d9d009f19e00dd5fda3b4bbb67df866d56d907c2ed0145925deac3fa54f2b4417301e5f283773520f821833003260ddd67aaa0f0445715125923d
SSDEEP

6144:P3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:MmWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1f226603816fa9df978af7f2909f0632_JaffaCakes118
- Size
  
  355KB
- MD5
  
  1f226603816fa9df978af7f2909f0632
- SHA1
  
  5d17e058b9a8cfb4ed5430d549a1291f0866269d
- SHA256
  
  eacdcfca2e04083f16a231ad9c3d4443527fd35d8cf86e5e73faacd20bd8bf58
- SHA512
  
  8a1a8e0f186d9d009f19e00dd5fda3b4bbb67df866d56d907c2ed0145925deac3fa54f2b4417301e5f283773520f821833003260ddd67aaa0f0445715125923d
- SSDEEP
  
  6144:P3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:MmWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2