db9c35d6088d016516c3e22c016ca53f066602614e687d4916c2548783329f66 | Triage

Sharing

General

Target

1c3f1486a45a7ec2d748c31f7ff8d9d4_JaffaCakes118
Size

529KB
Sample

240701-x9wznayhrm
MD5

1c3f1486a45a7ec2d748c31f7ff8d9d4
SHA1

c27b99d27d5d4d9e0dd9bb7b216f8f2c26e70e87
SHA256

db9c35d6088d016516c3e22c016ca53f066602614e687d4916c2548783329f66
SHA512

78a0c197023bcaa1bbd8336b24445191c3ac18b09504f11c55778c173470e5570cfe0f6911827b3d7fe1ad7612c3051f4853d1460349c2af064573e085eafc67
SSDEEP

6144:I1zPRFEkKpJ1zE4ZDTUSx6dp8hGuK4QfhrrNX8XKfVMddB07PNr+WBueJJqS:IlfCpJlEuXb6cK4QJrr186amIWge+S

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1c3f1486a45a7ec2d748c31f7ff8d9d4_JaffaCakes118
- Size
  
  529KB
- MD5
  
  1c3f1486a45a7ec2d748c31f7ff8d9d4
- SHA1
  
  c27b99d27d5d4d9e0dd9bb7b216f8f2c26e70e87
- SHA256
  
  db9c35d6088d016516c3e22c016ca53f066602614e687d4916c2548783329f66
- SHA512
  
  78a0c197023bcaa1bbd8336b24445191c3ac18b09504f11c55778c173470e5570cfe0f6911827b3d7fe1ad7612c3051f4853d1460349c2af064573e085eafc67
- SSDEEP
  
  6144:I1zPRFEkKpJ1zE4ZDTUSx6dp8hGuK4QfhrrNX8XKfVMddB07PNr+WBueJJqS:IlfCpJlEuXb6cK4QJrr186amIWge+S
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2