d01527a536d8e39778a950d7808df3c18f7020bbda3676e0823becc7f20c0ce3 | Triage

Sharing

General

Target

719cd4bf743bf5aa0e42f0f9d986d41d_JaffaCakes118
Size

86KB
Sample

240725-2127jateke
MD5

719cd4bf743bf5aa0e42f0f9d986d41d
SHA1

382cbfb05ddc28823689d2f6d001304aa487093b
SHA256

d01527a536d8e39778a950d7808df3c18f7020bbda3676e0823becc7f20c0ce3
SHA512

8dcded2f8137c04a91d6de4aab5719a06e657ce3b042f1a1a674f679ceef8c3e375ec17f45fa9714dba1c8d5c5b2a933d3981547bc1538ee9c805607f8531c29
SSDEEP

1536:nkMXL5kb9vs3sFSOX777dkaaSFkC34Zr9647gjZ2KYuOr7n1uTeJuhS4FzqK:nkMupv/b777dk8pIR9OjcKYhv11uE4FL

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  719cd4bf743bf5aa0e42f0f9d986d41d_JaffaCakes118
- Size
  
  86KB
- MD5
  
  719cd4bf743bf5aa0e42f0f9d986d41d
- SHA1
  
  382cbfb05ddc28823689d2f6d001304aa487093b
- SHA256
  
  d01527a536d8e39778a950d7808df3c18f7020bbda3676e0823becc7f20c0ce3
- SHA512
  
  8dcded2f8137c04a91d6de4aab5719a06e657ce3b042f1a1a674f679ceef8c3e375ec17f45fa9714dba1c8d5c5b2a933d3981547bc1538ee9c805607f8531c29
- SSDEEP
  
  1536:nkMXL5kb9vs3sFSOX777dkaaSFkC34Zr9647gjZ2KYuOr7n1uTeJuhS4FzqK:nkMupv/b777dk8pIR9OjcKYhv11uE4FL
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence