d5d27e1c48a5d2326410793fdb40f0aa49d54467b7d5681f863df6bed45527ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d9eba7545e08acf3106a79218dbc8ea_JaffaCakes118
Size

70KB
Sample

240712-q2wwcsyarb
MD5

3d9eba7545e08acf3106a79218dbc8ea
SHA1

500a8188ecb5cfd299a2569274cdf689552d52d9
SHA256

d5d27e1c48a5d2326410793fdb40f0aa49d54467b7d5681f863df6bed45527ba
SHA512

adf19731794168235548070c60161541f10330ecb97d2057c76ed0d04bfeb94abf6795fb70e0de7d84635a0e99ca6b496452667ea49a7888a2b29e00a0481880
SSDEEP

1536:HJp0OgmLGFYnW0AVwys5RKZQVr30VukbRP:gV+rAVE5RSggbRP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3d9eba7545e08acf3106a79218dbc8ea_JaffaCakes118
- Size
  
  70KB
- MD5
  
  3d9eba7545e08acf3106a79218dbc8ea
- SHA1
  
  500a8188ecb5cfd299a2569274cdf689552d52d9
- SHA256
  
  d5d27e1c48a5d2326410793fdb40f0aa49d54467b7d5681f863df6bed45527ba
- SHA512
  
  adf19731794168235548070c60161541f10330ecb97d2057c76ed0d04bfeb94abf6795fb70e0de7d84635a0e99ca6b496452667ea49a7888a2b29e00a0481880
- SSDEEP
  
  1536:HJp0OgmLGFYnW0AVwys5RKZQVr30VukbRP:gV+rAVE5RSggbRP
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2