0182f2e29965d54c5aea14679765c19ef2397e42ac2464b113bc9c6da89f618f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

926c5694a1bceffc43896b4a4009e457_JaffaCakes118
Size

355KB
Sample

240603-ts5npacb5x
MD5

926c5694a1bceffc43896b4a4009e457
SHA1

b821d0ca3caf0a8d2de114da0faab772b22e0efe
SHA256

0182f2e29965d54c5aea14679765c19ef2397e42ac2464b113bc9c6da89f618f
SHA512

3ec7fb2c12d5010cd514ed54eaecaba16f31e279e508af71e3dc7c0cf2161e34a7df6b4ad2fe7c931f6841712515b92757189ac6029ffefef54d3cbb12811791
SSDEEP

6144:J3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:emWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  926c5694a1bceffc43896b4a4009e457_JaffaCakes118
- Size
  
  355KB
- MD5
  
  926c5694a1bceffc43896b4a4009e457
- SHA1
  
  b821d0ca3caf0a8d2de114da0faab772b22e0efe
- SHA256
  
  0182f2e29965d54c5aea14679765c19ef2397e42ac2464b113bc9c6da89f618f
- SHA512
  
  3ec7fb2c12d5010cd514ed54eaecaba16f31e279e508af71e3dc7c0cf2161e34a7df6b4ad2fe7c931f6841712515b92757189ac6029ffefef54d3cbb12811791
- SSDEEP
  
  6144:J3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:emWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2