90a170453a3cf5f6d62ab673dfaaeac6c6e702dc5061dffe57cdf2872f7316d0 | Triage

Sharing

General

Target

9b55a2417a76082ef34b3b01f9fff7d2_JaffaCakes118
Size

355KB
Sample

240610-t55jfstcle
MD5

9b55a2417a76082ef34b3b01f9fff7d2
SHA1

4d87f1bc578a4054fa51316b3c4deb578651a0a8
SHA256

90a170453a3cf5f6d62ab673dfaaeac6c6e702dc5061dffe57cdf2872f7316d0
SHA512

aad5277a56b785cec913d881b4474ca3e198164b5269af3f866600d7cf4d017073e9ab5be79fc5a67bd25853a9d55dd99cd0e321e58d069752c5623a7919b5bc
SSDEEP

6144:x3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:2mWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9b55a2417a76082ef34b3b01f9fff7d2_JaffaCakes118
- Size
  
  355KB
- MD5
  
  9b55a2417a76082ef34b3b01f9fff7d2
- SHA1
  
  4d87f1bc578a4054fa51316b3c4deb578651a0a8
- SHA256
  
  90a170453a3cf5f6d62ab673dfaaeac6c6e702dc5061dffe57cdf2872f7316d0
- SHA512
  
  aad5277a56b785cec913d881b4474ca3e198164b5269af3f866600d7cf4d017073e9ab5be79fc5a67bd25853a9d55dd99cd0e321e58d069752c5623a7919b5bc
- SSDEEP
  
  6144:x3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:2mWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2