6a5677a7107ad97c68bd78750e480e3058da673483f5abbbe9ed995632676ccd | Triage

Sharing

General

Target

16117e835e82509b21fd9c7d4fea17f2_JaffaCakes118
Size

211KB
Sample

240627-p2bdzsvbqr
MD5

16117e835e82509b21fd9c7d4fea17f2
SHA1

390517231c3a739ad16e884f878c067decd413ae
SHA256

6a5677a7107ad97c68bd78750e480e3058da673483f5abbbe9ed995632676ccd
SHA512

bf451dafc3c092096452490fb132a40efdd7bddb90b66e34aaf68e741b8546a2323657bfae26f252664de4de2da8d05fd35d78fda580c8b2c427ff47d61a3ccb
SSDEEP

1536:4iJm5ponB0DZoiUAvoT6DvDwIf1zwQVgv/Y4lDA2rV80as+qdK+:PJ2poSDZoi3v2G1zwLv/r22pSgK+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  16117e835e82509b21fd9c7d4fea17f2_JaffaCakes118
- Size
  
  211KB
- MD5
  
  16117e835e82509b21fd9c7d4fea17f2
- SHA1
  
  390517231c3a739ad16e884f878c067decd413ae
- SHA256
  
  6a5677a7107ad97c68bd78750e480e3058da673483f5abbbe9ed995632676ccd
- SHA512
  
  bf451dafc3c092096452490fb132a40efdd7bddb90b66e34aaf68e741b8546a2323657bfae26f252664de4de2da8d05fd35d78fda580c8b2c427ff47d61a3ccb
- SSDEEP
  
  1536:4iJm5ponB0DZoiUAvoT6DvDwIf1zwQVgv/Y4lDA2rV80as+qdK+:PJ2poSDZoi3v2G1zwLv/r22pSgK+
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2