2e932bc4f993e536a1626c90e908031b6ed31bbd236e15ef4bc7ac384497564a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d9a3d1ac8195f660b8d4cb017e2d703_JaffaCakes118
Size

93KB
Sample

240625-lrxbxssdjg
MD5

0d9a3d1ac8195f660b8d4cb017e2d703
SHA1

4907b987e7ac22f1c176c0fea225cd920eef5780
SHA256

2e932bc4f993e536a1626c90e908031b6ed31bbd236e15ef4bc7ac384497564a
SHA512

5711720e27a95b1de1e1bc3691019ee8044bc94617441e0472f4d8e7160f32151b209d814adf194e4a1f4e24cdd5f40a34e97c8eb349265bee5468fb66e352c9
SSDEEP

1536:pA5tXOE3/t+dDcyBpX+VPhek8VRE80LzSDYw4kQv/vrc83lzl8:pA5F3qYKOxn8VRE8OcY1kU/vo81W

Score

6^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  0d9a3d1ac8195f660b8d4cb017e2d703_JaffaCakes118
- Size
  
  93KB
- MD5
  
  0d9a3d1ac8195f660b8d4cb017e2d703
- SHA1
  
  4907b987e7ac22f1c176c0fea225cd920eef5780
- SHA256
  
  2e932bc4f993e536a1626c90e908031b6ed31bbd236e15ef4bc7ac384497564a
- SHA512
  
  5711720e27a95b1de1e1bc3691019ee8044bc94617441e0472f4d8e7160f32151b209d814adf194e4a1f4e24cdd5f40a34e97c8eb349265bee5468fb66e352c9
- SSDEEP
  
  1536:pA5tXOE3/t+dDcyBpX+VPhek8VRE80LzSDYw4kQv/vrc83lzl8:pA5F3qYKOxn8VRE8OcY1kU/vo81W
Score

6^/10

persistence privilege_escalation
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Accessibility Features

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Accessibility Features

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation