4023683a5cdc39446b77e24f8cff17d92726135537773643a508ae427d68e780 | Triage

Sharing

General

Target

02c3423e533a96cf604160aa672a697f_JaffaCakes118
Size

41KB
Sample

240620-eyf5ysycqb
MD5

02c3423e533a96cf604160aa672a697f
SHA1

59be98862603526527a6d892b2868bf2e94fcc9e
SHA256

4023683a5cdc39446b77e24f8cff17d92726135537773643a508ae427d68e780
SHA512

04bedbe7fc248c0317a3d0815897e55c40b6754e29b3eef88cf2f200bda0187dc97a1f33fcafa50d2a688dffd3abb8b06ba2bd33bbd9ff3b3599545b78377501
SSDEEP

768:nFWmQBwY2VRu8NMPqfDJD3oCQ0vBTGld+dJo88yTWeP:nc4YSR4PADJDHUld+d/vK4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  02c3423e533a96cf604160aa672a697f_JaffaCakes118
- Size
  
  41KB
- MD5
  
  02c3423e533a96cf604160aa672a697f
- SHA1
  
  59be98862603526527a6d892b2868bf2e94fcc9e
- SHA256
  
  4023683a5cdc39446b77e24f8cff17d92726135537773643a508ae427d68e780
- SHA512
  
  04bedbe7fc248c0317a3d0815897e55c40b6754e29b3eef88cf2f200bda0187dc97a1f33fcafa50d2a688dffd3abb8b06ba2bd33bbd9ff3b3599545b78377501
- SSDEEP
  
  768:nFWmQBwY2VRu8NMPqfDJD3oCQ0vBTGld+dJo88yTWeP:nc4YSR4PADJDHUld+d/vK4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2