ab542750337540e235cdeeae9a6a3f085421691495bd0be720e0154f4eac3f0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

285f00695fe90b122fdba804372cba04_JaffaCakes118
Size

6.9MB
Sample

240706-ngkw9axfnp
MD5

285f00695fe90b122fdba804372cba04
SHA1

f730015ddd31be5a294f81780178fbce0e465939
SHA256

ab542750337540e235cdeeae9a6a3f085421691495bd0be720e0154f4eac3f0b
SHA512

6bcfccbc82d8fff8beebd46bc3831f21cbe64abdb5edafbefa0b37efc96bad0ae91d71507cbd2b43f244c4911aa0e42b5ed87913c46f47c140a535361cd85027
SSDEEP

192:8/2VgKqGxoQt0y2dNQOa099G/OAYvbyj9zHJeyJ+43cDimP1oydUb8z5L/Cldol9:8/vmExlGqwd+43cWQ1jUA1LCcM4aeWF2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  285f00695fe90b122fdba804372cba04_JaffaCakes118
- Size
  
  6.9MB
- MD5
  
  285f00695fe90b122fdba804372cba04
- SHA1
  
  f730015ddd31be5a294f81780178fbce0e465939
- SHA256
  
  ab542750337540e235cdeeae9a6a3f085421691495bd0be720e0154f4eac3f0b
- SHA512
  
  6bcfccbc82d8fff8beebd46bc3831f21cbe64abdb5edafbefa0b37efc96bad0ae91d71507cbd2b43f244c4911aa0e42b5ed87913c46f47c140a535361cd85027
- SSDEEP
  
  192:8/2VgKqGxoQt0y2dNQOa099G/OAYvbyj9zHJeyJ+43cDimP1oydUb8z5L/Cldol9:8/vmExlGqwd+43cWQ1jUA1LCcM4aeWF2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2