401ca9cb0edb177fd7b358c665ccf39d5aac88031ef08487149341671fe9661a | Triage

Sharing

General

Target

446de64024dd7c4bea6f65cf695c52c0_JaffaCakes118
Size

50KB
Sample

240714-fsqmwaxenn
MD5

446de64024dd7c4bea6f65cf695c52c0
SHA1

430510018735a32ea08dfb624f79f1faae0b410b
SHA256

401ca9cb0edb177fd7b358c665ccf39d5aac88031ef08487149341671fe9661a
SHA512

e6445d966176c00e8510339cc1e5378c96665fbfee1408ce5b0a76f31f01d359cef171ed9e8778bb54f8e91612f72eb3a829d80a86f41e2ae8193d24b34985dd
SSDEEP

768:iiz8iL8RHgY1J2HXDvftMvOnm9MMPPXffaTRj3eHUeAj3I/zXGAUaU3Qvjc:i89nYv2HXztM2nm9tf038UeAj4XGBE4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  446de64024dd7c4bea6f65cf695c52c0_JaffaCakes118
- Size
  
  50KB
- MD5
  
  446de64024dd7c4bea6f65cf695c52c0
- SHA1
  
  430510018735a32ea08dfb624f79f1faae0b410b
- SHA256
  
  401ca9cb0edb177fd7b358c665ccf39d5aac88031ef08487149341671fe9661a
- SHA512
  
  e6445d966176c00e8510339cc1e5378c96665fbfee1408ce5b0a76f31f01d359cef171ed9e8778bb54f8e91612f72eb3a829d80a86f41e2ae8193d24b34985dd
- SSDEEP
  
  768:iiz8iL8RHgY1J2HXDvftMvOnm9MMPPXffaTRj3eHUeAj3I/zXGAUaU3Qvjc:i89nYv2HXztM2nm9tf038UeAj4XGBE4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2