c607ef21fc83a313f2700a295e09ec256160671505f91aaaa301a81498428b17 | Triage

Sharing

General

Target

199cb8e6eb2bb90fda99332c069e74c0_JaffaCakes118
Size

65KB
Sample

240628-lc68kssard
MD5

199cb8e6eb2bb90fda99332c069e74c0
SHA1

41f0fb1a077f13c1b23a507d1017ed852ed26a12
SHA256

c607ef21fc83a313f2700a295e09ec256160671505f91aaaa301a81498428b17
SHA512

58b33dd67f7257fcc04a4966d6546ca12e94bc1c957bc9b81e73b71a6ffefca0482eaa31c25056b6c04becbd12c891a9210bc6fd5af5983050053eb9571c5488
SSDEEP

1536:Qte3KCHs91pmU+q4n++RCMDW4XPxGUl9O:Qt2PMOU+8SXJGUl9O

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  199cb8e6eb2bb90fda99332c069e74c0_JaffaCakes118
- Size
  
  65KB
- MD5
  
  199cb8e6eb2bb90fda99332c069e74c0
- SHA1
  
  41f0fb1a077f13c1b23a507d1017ed852ed26a12
- SHA256
  
  c607ef21fc83a313f2700a295e09ec256160671505f91aaaa301a81498428b17
- SHA512
  
  58b33dd67f7257fcc04a4966d6546ca12e94bc1c957bc9b81e73b71a6ffefca0482eaa31c25056b6c04becbd12c891a9210bc6fd5af5983050053eb9571c5488
- SSDEEP
  
  1536:Qte3KCHs91pmU+q4n++RCMDW4XPxGUl9O:Qt2PMOU+8SXJGUl9O
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2