c43d04edd759d408e445d17bdd2e2505e9b7bde2b5934a6c822080a35795fcdb | Triage

Sharing

General

Target

24a8a36913b97d9bc33b7fbfcf84d7af_JaffaCakes118
Size

68KB
Sample

240704-fbcdxsxare
MD5

24a8a36913b97d9bc33b7fbfcf84d7af
SHA1

7055aa17a39e6701abbaf90bde911f3f44ac3a54
SHA256

c43d04edd759d408e445d17bdd2e2505e9b7bde2b5934a6c822080a35795fcdb
SHA512

685790b91956b9ba41f8224607903a0df24fe1fefd27ee1a000072b961ea33378720cc5a27f318b3249b797f1927d2d1345a1a2c97c49276669b1ea98dced68d
SSDEEP

1536:ADBKth1OfEMrgwWUkCWJ9yZe6PiCmKA61JtFYoUMtct0NHs8D0zqhex:lfa/tNkme9KAg9tc4HstzqMx

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  24a8a36913b97d9bc33b7fbfcf84d7af_JaffaCakes118
- Size
  
  68KB
- MD5
  
  24a8a36913b97d9bc33b7fbfcf84d7af
- SHA1
  
  7055aa17a39e6701abbaf90bde911f3f44ac3a54
- SHA256
  
  c43d04edd759d408e445d17bdd2e2505e9b7bde2b5934a6c822080a35795fcdb
- SHA512
  
  685790b91956b9ba41f8224607903a0df24fe1fefd27ee1a000072b961ea33378720cc5a27f318b3249b797f1927d2d1345a1a2c97c49276669b1ea98dced68d
- SSDEEP
  
  1536:ADBKth1OfEMrgwWUkCWJ9yZe6PiCmKA61JtFYoUMtct0NHs8D0zqhex:lfa/tNkme9KAg9tc4HstzqMx
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2