c5b9067ee75d38ef820ac856fb38c586d2ef5e1aeeca3d8b384932240b598a78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fde24dbb5db08c9390edbcafe00754a_JaffaCakes118
Size

18KB
Sample

240725-radfdascmp
MD5

6fde24dbb5db08c9390edbcafe00754a
SHA1

068668c8e1024ab5587416034e35c98576e495a9
SHA256

c5b9067ee75d38ef820ac856fb38c586d2ef5e1aeeca3d8b384932240b598a78
SHA512

5fdc96c7598e44b7bf43e1eaf8350a25bb40d126a003368b67d6986f4bc543da7a918062d3fd9fb49107d5f873b698fc60929bb07c2f480755598a92020ce8ed
SSDEEP

384:lSWTu/LKer0fMxTCrEcG9bhUMNAi1yT1jnTR5OOn1Iz5NdWfZ:/TujzIbzG9NUqL1M1jF5TAU

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6fde24dbb5db08c9390edbcafe00754a_JaffaCakes118
- Size
  
  18KB
- MD5
  
  6fde24dbb5db08c9390edbcafe00754a
- SHA1
  
  068668c8e1024ab5587416034e35c98576e495a9
- SHA256
  
  c5b9067ee75d38ef820ac856fb38c586d2ef5e1aeeca3d8b384932240b598a78
- SHA512
  
  5fdc96c7598e44b7bf43e1eaf8350a25bb40d126a003368b67d6986f4bc543da7a918062d3fd9fb49107d5f873b698fc60929bb07c2f480755598a92020ce8ed
- SSDEEP
  
  384:lSWTu/LKer0fMxTCrEcG9bhUMNAi1yT1jnTR5OOn1Iz5NdWfZ:/TujzIbzG9NUqL1M1jF5TAU
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2