2e65d6cc6c049637cdce66a946150cda4b7175acdb75a3cdf53c0be0e540ebcb | Triage

Sharing

General

Target

604fe076edefd63cc9dbef5fced9ce8b_JaffaCakes118
Size

50KB
Sample

240720-2waaysyhkg
MD5

604fe076edefd63cc9dbef5fced9ce8b
SHA1

2c4e5b17994454c7aaa7985da51028f4922fb640
SHA256

2e65d6cc6c049637cdce66a946150cda4b7175acdb75a3cdf53c0be0e540ebcb
SHA512

ee5af2d465a392ccc0e269ea8b2b3b304d7794785c66586fffd7755a0f4ea1aacce9c48bdad9723e95fb2f22c56cb3ebdcf71907e834fd2b09a89459a9d2a8a7
SSDEEP

1536:OGipmaADVr7Hny/Sf65tE2dHEKON45ibun5454:OEDV7yE8tEaHA4zr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  604fe076edefd63cc9dbef5fced9ce8b_JaffaCakes118
- Size
  
  50KB
- MD5
  
  604fe076edefd63cc9dbef5fced9ce8b
- SHA1
  
  2c4e5b17994454c7aaa7985da51028f4922fb640
- SHA256
  
  2e65d6cc6c049637cdce66a946150cda4b7175acdb75a3cdf53c0be0e540ebcb
- SHA512
  
  ee5af2d465a392ccc0e269ea8b2b3b304d7794785c66586fffd7755a0f4ea1aacce9c48bdad9723e95fb2f22c56cb3ebdcf71907e834fd2b09a89459a9d2a8a7
- SSDEEP
  
  1536:OGipmaADVr7Hny/Sf65tE2dHEKON45ibun5454:OEDV7yE8tEaHA4zr
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2