a3fd24e17de137c2506b45b82935d8d84c5fc7e79baa6b327650467d377d1a1b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05407778867e7ff2fd9264ca8252515e_JaffaCakes118
Size

120KB
Sample

240620-mshqlaxcpp
MD5

05407778867e7ff2fd9264ca8252515e
SHA1

733d7c467176555d00b19942e54dfa59b52fb711
SHA256

a3fd24e17de137c2506b45b82935d8d84c5fc7e79baa6b327650467d377d1a1b
SHA512

e5f88b6cdb98da3b77a361033c5d5a5bd686329430321aff7250836bd987d0fa9411152a06649d58e1615e45cc547d7b177346280fa8c57e6f42319f7668d19b
SSDEEP

3072:vdddPxWIC3nP2GW6inS9ZkdIfYYRMvTMchs:lddPgPBW/sZkdIg7TMcm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  05407778867e7ff2fd9264ca8252515e_JaffaCakes118
- Size
  
  120KB
- MD5
  
  05407778867e7ff2fd9264ca8252515e
- SHA1
  
  733d7c467176555d00b19942e54dfa59b52fb711
- SHA256
  
  a3fd24e17de137c2506b45b82935d8d84c5fc7e79baa6b327650467d377d1a1b
- SHA512
  
  e5f88b6cdb98da3b77a361033c5d5a5bd686329430321aff7250836bd987d0fa9411152a06649d58e1615e45cc547d7b177346280fa8c57e6f42319f7668d19b
- SSDEEP
  
  3072:vdddPxWIC3nP2GW6inS9ZkdIfYYRMvTMchs:lddPgPBW/sZkdIg7TMcm
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2