a8ab6b10dca86aae22695763da5407b0e09d90fb58588ffcb84207469cae99c7 | Triage

Sharing

General

Target

69f4afa0e9416929faf7e7cfd5043b7e_JaffaCakes118
Size

283KB
Sample

240724-c6crdsxalf
MD5

69f4afa0e9416929faf7e7cfd5043b7e
SHA1

7774a4677251fd42dca5b7e036fe2a38e722330c
SHA256

a8ab6b10dca86aae22695763da5407b0e09d90fb58588ffcb84207469cae99c7
SHA512

9a4be224258b28d898fc7f0cba237d16b873ff7b28d0ce1b40792b4821fabab8c7d1685adca19bfba0269883e1c4fbab57368f029da6ba98a6bd3bca5c7854bf
SSDEEP

6144:8AR2yMc7Aogde44yCfoEyah2u1ZarBqBtgcmnhHQ48nAUNDt:lL+3XFCfn18BytgcWhHyrR

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  69f4afa0e9416929faf7e7cfd5043b7e_JaffaCakes118
- Size
  
  283KB
- MD5
  
  69f4afa0e9416929faf7e7cfd5043b7e
- SHA1
  
  7774a4677251fd42dca5b7e036fe2a38e722330c
- SHA256
  
  a8ab6b10dca86aae22695763da5407b0e09d90fb58588ffcb84207469cae99c7
- SHA512
  
  9a4be224258b28d898fc7f0cba237d16b873ff7b28d0ce1b40792b4821fabab8c7d1685adca19bfba0269883e1c4fbab57368f029da6ba98a6bd3bca5c7854bf
- SSDEEP
  
  6144:8AR2yMc7Aogde44yCfoEyah2u1ZarBqBtgcmnhHQ48nAUNDt:lL+3XFCfn18BytgcWhHyrR
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence