2909d608557725d3f4a3af5ca238010c0ca571c941ac96da8616d5fc546cb0ad | Triage

Sharing

General

Target

2b97aa8f6622957a94ac32aba8d71643_JaffaCakes118
Size

68KB
Sample

240708-j12lwszelr
MD5

2b97aa8f6622957a94ac32aba8d71643
SHA1

7203d9c1627c23495ef1700a332ea6b5fc2d1ebd
SHA256

2909d608557725d3f4a3af5ca238010c0ca571c941ac96da8616d5fc546cb0ad
SHA512

17acc8120c694483c56a5e33d67b897ce410b3b5822086367bab644015b596877d5c50cab3413ea36ff72971a845181dbfcf06fe2dda21ba0ce67fbec10d212c
SSDEEP

1536:AM6e7W05GqGkEaoMwxyAX0y+DdS/M/sWEw7DrVbV4+ZdIR7CS/Dkria:X6eCi90TVEyedvP/LIRdbra

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2b97aa8f6622957a94ac32aba8d71643_JaffaCakes118
- Size
  
  68KB
- MD5
  
  2b97aa8f6622957a94ac32aba8d71643
- SHA1
  
  7203d9c1627c23495ef1700a332ea6b5fc2d1ebd
- SHA256
  
  2909d608557725d3f4a3af5ca238010c0ca571c941ac96da8616d5fc546cb0ad
- SHA512
  
  17acc8120c694483c56a5e33d67b897ce410b3b5822086367bab644015b596877d5c50cab3413ea36ff72971a845181dbfcf06fe2dda21ba0ce67fbec10d212c
- SSDEEP
  
  1536:AM6e7W05GqGkEaoMwxyAX0y+DdS/M/sWEw7DrVbV4+ZdIR7CS/Dkria:X6eCi90TVEyedvP/LIRdbra
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2