64a46dd54740fb463dc7b254e80b809cffe96fa2244f41ed890bb5bbfb40bc1d | Triage

Sharing

General

Target

33528e5530075c5fb0ef687a1df324c4_JaffaCakes118
Size

236KB
Sample

240710-e8kacsxarp
MD5

33528e5530075c5fb0ef687a1df324c4
SHA1

45facc2de2970cc8c511956ae4ff904eb41b5f73
SHA256

64a46dd54740fb463dc7b254e80b809cffe96fa2244f41ed890bb5bbfb40bc1d
SHA512

cee66a505b1d8548f0d250c13783f2fcfcc2df01a54f3cca13be812e19b2869a307ddfada16ac3bfc5b12c63eeac58d36f8ed0a2da87756548143e484fd49f90
SSDEEP

1536:tf1zwQVggBBFJju8E+lDqxABWMkQw1bB45pjf1zwQVgvFL5+:91zwLQBFJju8E+OA5kQwM5pL1zwLvF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  33528e5530075c5fb0ef687a1df324c4_JaffaCakes118
- Size
  
  236KB
- MD5
  
  33528e5530075c5fb0ef687a1df324c4
- SHA1
  
  45facc2de2970cc8c511956ae4ff904eb41b5f73
- SHA256
  
  64a46dd54740fb463dc7b254e80b809cffe96fa2244f41ed890bb5bbfb40bc1d
- SHA512
  
  cee66a505b1d8548f0d250c13783f2fcfcc2df01a54f3cca13be812e19b2869a307ddfada16ac3bfc5b12c63eeac58d36f8ed0a2da87756548143e484fd49f90
- SSDEEP
  
  1536:tf1zwQVggBBFJju8E+lDqxABWMkQw1bB45pjf1zwQVgvFL5+:91zwLQBFJju8E+OA5kQwM5pL1zwLvF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2