ae640c6833de1fc6a4bbe606d44a5084c34287e0d5a3c9e3ef53a06a0afa1456 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17ca0dfedbe9abb68ed95c073369e38f_JaffaCakes118
Size

46KB
Sample

240627-2kk83svfrh
MD5

17ca0dfedbe9abb68ed95c073369e38f
SHA1

a5bf5100c41150df67c6a34b29ba935f00210f43
SHA256

ae640c6833de1fc6a4bbe606d44a5084c34287e0d5a3c9e3ef53a06a0afa1456
SHA512

b4a7e19870e1830959a040e87a415d71fdaf65182f15e2465fecd5f09469d7035a8ada16638ffcf055d7836e3f2fc0dd16bcf122812bb6f67d0289837f9b9f67
SSDEEP

768:4ML8Mfo714+uLLmakfiPC0Lslt+iyyb+9pCCllgI9l7sJ2svyR:DwMfF+uLi50LuZc3jh3K2sv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  17ca0dfedbe9abb68ed95c073369e38f_JaffaCakes118
- Size
  
  46KB
- MD5
  
  17ca0dfedbe9abb68ed95c073369e38f
- SHA1
  
  a5bf5100c41150df67c6a34b29ba935f00210f43
- SHA256
  
  ae640c6833de1fc6a4bbe606d44a5084c34287e0d5a3c9e3ef53a06a0afa1456
- SHA512
  
  b4a7e19870e1830959a040e87a415d71fdaf65182f15e2465fecd5f09469d7035a8ada16638ffcf055d7836e3f2fc0dd16bcf122812bb6f67d0289837f9b9f67
- SSDEEP
  
  768:4ML8Mfo714+uLLmakfiPC0Lslt+iyyb+9pCCllgI9l7sJ2svyR:DwMfF+uLi50LuZc3jh3K2sv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2