7f151dd40c50068f56f46c0ac2bb48aa91d8b0000c1343d509a1d122e88ca90f | Triage

Sharing

General

Target

5e5103d5eedbb384379f21ba7960176a_JaffaCakes118
Size

46KB
Sample

240720-aqke7a1fmh
MD5

5e5103d5eedbb384379f21ba7960176a
SHA1

3c27647125f36df9b149e4e56900b29f36315988
SHA256

7f151dd40c50068f56f46c0ac2bb48aa91d8b0000c1343d509a1d122e88ca90f
SHA512

3c17f9048ca56e849df9cc8218a4600c2d1760198713270ad927e7c99a2812795a21d9b954293d0b8a2e7da1aa7781ad30ddbf54f92a11f19a6ac48aa7832841
SSDEEP

768:2kO5UbxMlc1ulJYAX1ErqgQjfYuy53Li3SSl3L50AhNEKlUPcVqZp0QB6Obke0Nr:e5kxEmUJ4q7jfDW3Li3ScNbEJcWpXBde

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5e5103d5eedbb384379f21ba7960176a_JaffaCakes118
- Size
  
  46KB
- MD5
  
  5e5103d5eedbb384379f21ba7960176a
- SHA1
  
  3c27647125f36df9b149e4e56900b29f36315988
- SHA256
  
  7f151dd40c50068f56f46c0ac2bb48aa91d8b0000c1343d509a1d122e88ca90f
- SHA512
  
  3c17f9048ca56e849df9cc8218a4600c2d1760198713270ad927e7c99a2812795a21d9b954293d0b8a2e7da1aa7781ad30ddbf54f92a11f19a6ac48aa7832841
- SSDEEP
  
  768:2kO5UbxMlc1ulJYAX1ErqgQjfYuy53Li3SSl3L50AhNEKlUPcVqZp0QB6Obke0Nr:e5kxEmUJ4q7jfDW3Li3ScNbEJcWpXBde
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2