0bf0c1b1894fda696e0b73dbcd467af28b1bbdd0a873ca1b795a896294f0bdeb | Triage

Sharing

General

Target

46961d8242beba00fbc793c450c77a7c_JaffaCakes118
Size

74KB
Sample

240714-ts1pqszgkh
MD5

46961d8242beba00fbc793c450c77a7c
SHA1

e89f10b86ce425e0da03097b86ae3e6159139e37
SHA256

0bf0c1b1894fda696e0b73dbcd467af28b1bbdd0a873ca1b795a896294f0bdeb
SHA512

d4fe68e97ea9770ab36987926c9b1999b440efc9002dc94dc64ce29fb2ac18e674c99c7254fdaf115233e3064fbca3c65a63686e76eb4b0b1b52c607552fd324
SSDEEP

1536:gQBFH3fgCVKqFKmYkeBdNu6Wipvn+8cxxbCnlKGj:pBFXfgCJzeBdSs+8Cb72

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  46961d8242beba00fbc793c450c77a7c_JaffaCakes118
- Size
  
  74KB
- MD5
  
  46961d8242beba00fbc793c450c77a7c
- SHA1
  
  e89f10b86ce425e0da03097b86ae3e6159139e37
- SHA256
  
  0bf0c1b1894fda696e0b73dbcd467af28b1bbdd0a873ca1b795a896294f0bdeb
- SHA512
  
  d4fe68e97ea9770ab36987926c9b1999b440efc9002dc94dc64ce29fb2ac18e674c99c7254fdaf115233e3064fbca3c65a63686e76eb4b0b1b52c607552fd324
- SSDEEP
  
  1536:gQBFH3fgCVKqFKmYkeBdNu6Wipvn+8cxxbCnlKGj:pBFXfgCJzeBdSs+8Cb72
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2