eece2e8c858e5154a4b07203dea880000ac879b022b20f9fa559d78ac81cc889 | Triage

Sharing

General

Target

0f56e67e981b66a9df2626a707e368fe_JaffaCakes118
Size

243KB
Sample

240625-yp6tsszbre
MD5

0f56e67e981b66a9df2626a707e368fe
SHA1

0ffce91789ed8c10506982e0d04ad449aba303d7
SHA256

eece2e8c858e5154a4b07203dea880000ac879b022b20f9fa559d78ac81cc889
SHA512

2ca1ac67d297e29f3ff8d8dbaffca2275a749a73e421f870f8a051bb4e1a569f25e82d4139a1b8dbbd0f45a15e752e20d1b9c68386329f4eedd92a8d27a0520d
SSDEEP

6144:YnScTKd/ASzisjWzxCyEBQFyTrfdiaXuQtqc7YKqkYh:4TKCS2sjWC1rfd/Rtqc7HqkYh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0f56e67e981b66a9df2626a707e368fe_JaffaCakes118
- Size
  
  243KB
- MD5
  
  0f56e67e981b66a9df2626a707e368fe
- SHA1
  
  0ffce91789ed8c10506982e0d04ad449aba303d7
- SHA256
  
  eece2e8c858e5154a4b07203dea880000ac879b022b20f9fa559d78ac81cc889
- SHA512
  
  2ca1ac67d297e29f3ff8d8dbaffca2275a749a73e421f870f8a051bb4e1a569f25e82d4139a1b8dbbd0f45a15e752e20d1b9c68386329f4eedd92a8d27a0520d
- SSDEEP
  
  6144:YnScTKd/ASzisjWzxCyEBQFyTrfdiaXuQtqc7YKqkYh:4TKCS2sjWC1rfd/Rtqc7HqkYh
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2