d2aaa75e24e3e9555f6b42c15f45d07bc79259ee5faca7d3959327da6e196d44 | Triage

Sharing

General

Target

74bafc6ab4b3de3ef2a917280cde1d14_JaffaCakes118
Size

125KB
Sample

240726-tfbj3s1glc
MD5

74bafc6ab4b3de3ef2a917280cde1d14
SHA1

90ee37ee26c8c526ece7a8957079f975572842d1
SHA256

d2aaa75e24e3e9555f6b42c15f45d07bc79259ee5faca7d3959327da6e196d44
SHA512

31639ec5e8b79e9ac685a20ff9c0bd058e9661f64447a31c5d9c122731ed77c7e38db0224d4ff159316208bea46e1dc0b15f0ae15967c4f4f092ffe2978684f6
SSDEEP

3072:r20DaedBsMmU2K9/XgzOTDTp3CTbYsKRk:r20Gednm6azOTFEPKRk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  74bafc6ab4b3de3ef2a917280cde1d14_JaffaCakes118
- Size
  
  125KB
- MD5
  
  74bafc6ab4b3de3ef2a917280cde1d14
- SHA1
  
  90ee37ee26c8c526ece7a8957079f975572842d1
- SHA256
  
  d2aaa75e24e3e9555f6b42c15f45d07bc79259ee5faca7d3959327da6e196d44
- SHA512
  
  31639ec5e8b79e9ac685a20ff9c0bd058e9661f64447a31c5d9c122731ed77c7e38db0224d4ff159316208bea46e1dc0b15f0ae15967c4f4f092ffe2978684f6
- SSDEEP
  
  3072:r20DaedBsMmU2K9/XgzOTDTp3CTbYsKRk:r20Gednm6azOTFEPKRk
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence