3a1174eb1bcd7d4e5a410242389b73764cb0dba9acf7abaec911cc33b9a97b0e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08570b2b4e0182c6e61fc9467b20003b_JaffaCakes118
Size

241KB
Sample

240624-nzwfpszhne
MD5

08570b2b4e0182c6e61fc9467b20003b
SHA1

28c95ead6bb8ad44ce86a73e2d9e484b4df67e87
SHA256

3a1174eb1bcd7d4e5a410242389b73764cb0dba9acf7abaec911cc33b9a97b0e
SHA512

360a683d9a8aaead844b6f3c2d4b0901a35fffcd8445dfe0be2533e047b1e01dd2e56eed80daae33ac25247a696315748922a6d91b1ecbb3733f8aa030c9d861
SSDEEP

6144:YAvXFIvsb2YXEfB/KB/vZcSQucrPJ2t54G9FeddLW0PI:YAvVdqY4e3ZtNAEt57GdkuI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  08570b2b4e0182c6e61fc9467b20003b_JaffaCakes118
- Size
  
  241KB
- MD5
  
  08570b2b4e0182c6e61fc9467b20003b
- SHA1
  
  28c95ead6bb8ad44ce86a73e2d9e484b4df67e87
- SHA256
  
  3a1174eb1bcd7d4e5a410242389b73764cb0dba9acf7abaec911cc33b9a97b0e
- SHA512
  
  360a683d9a8aaead844b6f3c2d4b0901a35fffcd8445dfe0be2533e047b1e01dd2e56eed80daae33ac25247a696315748922a6d91b1ecbb3733f8aa030c9d861
- SSDEEP
  
  6144:YAvXFIvsb2YXEfB/KB/vZcSQucrPJ2t54G9FeddLW0PI:YAvVdqY4e3ZtNAEt57GdkuI
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2