f8c78191fc30257c2236bfb51c49d2538f57a56dc6dc6c4baa479e350071049f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3681e1fb79de1a56a564f2a9bdb0beea_JaffaCakes118
Size

278KB
Sample

240710-1ktpsa1gln
MD5

3681e1fb79de1a56a564f2a9bdb0beea
SHA1

3ab3c6263d9220a07d448351156d367328ba15ab
SHA256

f8c78191fc30257c2236bfb51c49d2538f57a56dc6dc6c4baa479e350071049f
SHA512

d44110f8d37d86d7ac423237f3255166697f2c915b2ee68bddc343ef39758e499f47073b0d957817be20f23b1dedf24691274b29a690cff66482f05c99f6e2c6
SSDEEP

6144:psNh3FiYgojSy1y454e4590y+GfqkP+dEkFj:psNhViYgXP45Q59UVF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3681e1fb79de1a56a564f2a9bdb0beea_JaffaCakes118
- Size
  
  278KB
- MD5
  
  3681e1fb79de1a56a564f2a9bdb0beea
- SHA1
  
  3ab3c6263d9220a07d448351156d367328ba15ab
- SHA256
  
  f8c78191fc30257c2236bfb51c49d2538f57a56dc6dc6c4baa479e350071049f
- SHA512
  
  d44110f8d37d86d7ac423237f3255166697f2c915b2ee68bddc343ef39758e499f47073b0d957817be20f23b1dedf24691274b29a690cff66482f05c99f6e2c6
- SSDEEP
  
  6144:psNh3FiYgojSy1y454e4590y+GfqkP+dEkFj:psNhViYgXP45Q59UVF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2