53f23c23b6938e0adbe240935b104ffe97e8a83bdd71c62070b8ff4614d55ce8 | Triage

Sharing

General

Target

2b9b51bb218773b1ea584494aa3a64ba_JaffaCakes118
Size

341KB
Sample

240708-j4zayasejg
MD5

2b9b51bb218773b1ea584494aa3a64ba
SHA1

c025078e4e4c08623d622de0f2b2cfbdd673055d
SHA256

53f23c23b6938e0adbe240935b104ffe97e8a83bdd71c62070b8ff4614d55ce8
SHA512

872f3580f6b711d29f90b0c7ba09627d11ec7f4af77133525504e73433997588ff2f8c8892419fe3849d17387766a1928fd71a4fb557518b7db3fb28dc1abb8b
SSDEEP

6144:qDwbzDYTQsWFSUXpycpnn5X5ZNY41QQkdLZ3l8a5H2nsznfl:rzkMFEc9nZadQ03eQH2nszfl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2b9b51bb218773b1ea584494aa3a64ba_JaffaCakes118
- Size
  
  341KB
- MD5
  
  2b9b51bb218773b1ea584494aa3a64ba
- SHA1
  
  c025078e4e4c08623d622de0f2b2cfbdd673055d
- SHA256
  
  53f23c23b6938e0adbe240935b104ffe97e8a83bdd71c62070b8ff4614d55ce8
- SHA512
  
  872f3580f6b711d29f90b0c7ba09627d11ec7f4af77133525504e73433997588ff2f8c8892419fe3849d17387766a1928fd71a4fb557518b7db3fb28dc1abb8b
- SSDEEP
  
  6144:qDwbzDYTQsWFSUXpycpnn5X5ZNY41QQkdLZ3l8a5H2nsznfl:rzkMFEc9nZadQ03eQH2nszfl
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2