43829e246dd04336968552b496bb3ddfaa6847e8d296e42ae3a9fe2dfad91e06 | Triage

Sharing

General

Target

0185bbadaecfaf35d399f198d302a77c_JaffaCakes118
Size

2.3MB
Sample

240727-2kt6zsvhmg
MD5

0185bbadaecfaf35d399f198d302a77c
SHA1

0530f5aff3cc71331d58aad927ad4abf10b14444
SHA256

43829e246dd04336968552b496bb3ddfaa6847e8d296e42ae3a9fe2dfad91e06
SHA512

590063f749c08b54d043769d845e91e374bc8aebcf330d12efb254d8d541fc81323dae603b1e1c733e97033f85dc728381787b0de28d94a7f691b8630f9751a8
SSDEEP

49152:5CLDqigMXSNZQD5j3cLfkkKSalp4+Z/FPnWnLvJ3+EdBy0SWjuDR:ZxMXSNZQFcxgdtPn6xLBy1quDR

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0185bbadaecfaf35d399f198d302a77c_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  0185bbadaecfaf35d399f198d302a77c
- SHA1
  
  0530f5aff3cc71331d58aad927ad4abf10b14444
- SHA256
  
  43829e246dd04336968552b496bb3ddfaa6847e8d296e42ae3a9fe2dfad91e06
- SHA512
  
  590063f749c08b54d043769d845e91e374bc8aebcf330d12efb254d8d541fc81323dae603b1e1c733e97033f85dc728381787b0de28d94a7f691b8630f9751a8
- SSDEEP
  
  49152:5CLDqigMXSNZQD5j3cLfkkKSalp4+Z/FPnWnLvJ3+EdBy0SWjuDR:ZxMXSNZQFcxgdtPn6xLBy1quDR
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence