4558c2057930fba339b2c22968982b429e8045438f169b7d90ae534658a6a5b2 | Triage

Sharing

General

Target

247ba3e6e872c50d625f21fcbef7ab35_JaffaCakes118
Size

240KB
Sample

240704-d3ks9sthnf
MD5

247ba3e6e872c50d625f21fcbef7ab35
SHA1

f2d7606e5e647f915c325a86faf4d321616ba7fd
SHA256

4558c2057930fba339b2c22968982b429e8045438f169b7d90ae534658a6a5b2
SHA512

ef8968fd107a1e80693d83aebf5624ca94e82c9abf0dcb2b10a4db56bb386693f65d5f1938cde739347e50aca48bc7b3988a7d3f91344f82badb0f10a2e744a0
SSDEEP

6144:5W15VR+73zRh81tNA6NXTrCeyAsOFW2Eg1TWWPA:5W1DRiDRh8/NdXTrCW7Q2Eg1Ti

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  247ba3e6e872c50d625f21fcbef7ab35_JaffaCakes118
- Size
  
  240KB
- MD5
  
  247ba3e6e872c50d625f21fcbef7ab35
- SHA1
  
  f2d7606e5e647f915c325a86faf4d321616ba7fd
- SHA256
  
  4558c2057930fba339b2c22968982b429e8045438f169b7d90ae534658a6a5b2
- SHA512
  
  ef8968fd107a1e80693d83aebf5624ca94e82c9abf0dcb2b10a4db56bb386693f65d5f1938cde739347e50aca48bc7b3988a7d3f91344f82badb0f10a2e744a0
- SSDEEP
  
  6144:5W15VR+73zRh81tNA6NXTrCeyAsOFW2Eg1TWWPA:5W1DRiDRh8/NdXTrCW7Q2Eg1Ti
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2