6ceb109992597d3c26d3e662b94f700bae46bd7d8adf8142261351b61ad60e79 | Triage

Sharing

General

Target

61ca2c1c5dcad21b5a0a870baac64266_JaffaCakes118
Size

49KB
Sample

240721-25ayvasaql
MD5

61ca2c1c5dcad21b5a0a870baac64266
SHA1

56e3e8818827d9f71c8145ccf52bd0ccf276b67a
SHA256

6ceb109992597d3c26d3e662b94f700bae46bd7d8adf8142261351b61ad60e79
SHA512

f3a4275409fe7635bb4120f81230b9a48d5b4ba8f03fe80535e4cfaa7b97feb54fb79bc8f1dd9cb8d437c9638a58f1ac8db0b372418433a008130bd807bdf644
SSDEEP

768:tcbSmKLz9s/zu5sFLa421HvUiswOIKIMj2UvBrwhXEmcPtuGqHoQxbGFRde:vmKLe/SON+mFoISUprwvcPSIQwF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  61ca2c1c5dcad21b5a0a870baac64266_JaffaCakes118
- Size
  
  49KB
- MD5
  
  61ca2c1c5dcad21b5a0a870baac64266
- SHA1
  
  56e3e8818827d9f71c8145ccf52bd0ccf276b67a
- SHA256
  
  6ceb109992597d3c26d3e662b94f700bae46bd7d8adf8142261351b61ad60e79
- SHA512
  
  f3a4275409fe7635bb4120f81230b9a48d5b4ba8f03fe80535e4cfaa7b97feb54fb79bc8f1dd9cb8d437c9638a58f1ac8db0b372418433a008130bd807bdf644
- SSDEEP
  
  768:tcbSmKLz9s/zu5sFLa421HvUiswOIKIMj2UvBrwhXEmcPtuGqHoQxbGFRde:vmKLe/SON+mFoISUprwvcPSIQwF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2