ffec80e33ca050c78c5af49a23b4943b68872b9bef75bbe75f4bf277fddec3f7 | Triage

Sharing

General

Target

43dcf05478833250d15ba492cf1ca381_JaffaCakes118
Size

80KB
Sample

240714-chntravena
MD5

43dcf05478833250d15ba492cf1ca381
SHA1

51a7df050834c19d7814a128d1b78ee133ce3e7f
SHA256

ffec80e33ca050c78c5af49a23b4943b68872b9bef75bbe75f4bf277fddec3f7
SHA512

14c81606af972ea7187efdecc3bc8dd1e299e41245f95134c3f522c6569b7f0292e862c986e956377db157f554c8943df82870fb3435aa7eddab186f07d38cae
SSDEEP

1536:C0FBV3gTCVEmMOet6HQHYnu3PpQ3aRhdsRxO4z:CWVe8EhO24nGPS3ajL4z

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  43dcf05478833250d15ba492cf1ca381_JaffaCakes118
- Size
  
  80KB
- MD5
  
  43dcf05478833250d15ba492cf1ca381
- SHA1
  
  51a7df050834c19d7814a128d1b78ee133ce3e7f
- SHA256
  
  ffec80e33ca050c78c5af49a23b4943b68872b9bef75bbe75f4bf277fddec3f7
- SHA512
  
  14c81606af972ea7187efdecc3bc8dd1e299e41245f95134c3f522c6569b7f0292e862c986e956377db157f554c8943df82870fb3435aa7eddab186f07d38cae
- SSDEEP
  
  1536:C0FBV3gTCVEmMOet6HQHYnu3PpQ3aRhdsRxO4z:CWVe8EhO24nGPS3ajL4z
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2