a840a47e67040c1070022d4bf772e2b0a7bf3b6b9856a2bff66df7cd0601b549 | Triage

Sharing

General

Target

2b4846bc9f043bf38cd4e36fb852e48d_JaffaCakes118
Size

672KB
Sample

240708-g29b1sybqd
MD5

2b4846bc9f043bf38cd4e36fb852e48d
SHA1

73d54a031225e308691deb2a573816ad80b1e12e
SHA256

a840a47e67040c1070022d4bf772e2b0a7bf3b6b9856a2bff66df7cd0601b549
SHA512

cc021a277ff3ba5b906d0dd9580cd83a7e8fb13cff3bc8494f3b984d59190e7757dae8195a62aac869ac03609a8ddcef51df1b8ebbaa1542e9484d6d5934e1bc
SSDEEP

12288:7vehvlYuXb6cK4QJrr186amIWge+RCQdyIMA65xUlNqRC+NSK:7vehviuXbZKXJrr186amIWgVRFyIMX5h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2b4846bc9f043bf38cd4e36fb852e48d_JaffaCakes118
- Size
  
  672KB
- MD5
  
  2b4846bc9f043bf38cd4e36fb852e48d
- SHA1
  
  73d54a031225e308691deb2a573816ad80b1e12e
- SHA256
  
  a840a47e67040c1070022d4bf772e2b0a7bf3b6b9856a2bff66df7cd0601b549
- SHA512
  
  cc021a277ff3ba5b906d0dd9580cd83a7e8fb13cff3bc8494f3b984d59190e7757dae8195a62aac869ac03609a8ddcef51df1b8ebbaa1542e9484d6d5934e1bc
- SSDEEP
  
  12288:7vehvlYuXb6cK4QJrr186amIWge+RCQdyIMA65xUlNqRC+NSK:7vehviuXbZKXJrr186amIWgVRFyIMX5h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2