9416d1a63fb0838a5731cb00f28675b72ae12dc3e60e94a2d8c3e05edc8f8788 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

390029121772a48c7a0897d36507c6b9_JaffaCakes118
Size

116KB
Sample

240711-n1v7bsvfkr
MD5

390029121772a48c7a0897d36507c6b9
SHA1

e42384aef3a1a7c277c25e3378002d4743135532
SHA256

9416d1a63fb0838a5731cb00f28675b72ae12dc3e60e94a2d8c3e05edc8f8788
SHA512

973228afaef002fca86b037558af8aef752158f0606c29a5d9d1710aa5e9e501d41a64853597039e557eebbb9fec12215e05784c01bc05da7c16dd859ff5c76e
SSDEEP

3072:dOaKhJBck9q0j65u0xzx2Ec2kc8+QxyqWbsi3+LBeU4:IhJBcKdj70hIUkcExyqQsveU

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  390029121772a48c7a0897d36507c6b9_JaffaCakes118
- Size
  
  116KB
- MD5
  
  390029121772a48c7a0897d36507c6b9
- SHA1
  
  e42384aef3a1a7c277c25e3378002d4743135532
- SHA256
  
  9416d1a63fb0838a5731cb00f28675b72ae12dc3e60e94a2d8c3e05edc8f8788
- SHA512
  
  973228afaef002fca86b037558af8aef752158f0606c29a5d9d1710aa5e9e501d41a64853597039e557eebbb9fec12215e05784c01bc05da7c16dd859ff5c76e
- SSDEEP
  
  3072:dOaKhJBck9q0j65u0xzx2Ec2kc8+QxyqWbsi3+LBeU4:IhJBcKdj70hIUkcExyqQsveU
Score

6^/10

persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2