c92b5e8e49e3f3f93ae20abd2fd82b2163caffe02bccdf46ae83812eaf854f0b | Triage

Sharing

General

Target

77ee803fb42beb5e1fde7ce6e8860b20_JaffaCakes118
Size

28KB
Sample

240727-myvx4sycmg
MD5

77ee803fb42beb5e1fde7ce6e8860b20
SHA1

0956ef05e882beeb2827109defdcaeeb1a4ee89e
SHA256

c92b5e8e49e3f3f93ae20abd2fd82b2163caffe02bccdf46ae83812eaf854f0b
SHA512

a971cc08f0e2a97e4aa3190170da320e8e6bb1f26bc819b3f1f254694565b43dfcf87d2dd0e039230c14cf6b5381202be8f2654eaebc527f100ba1ddd3f40037
SSDEEP

192:33+mnBr2mFbtTGEHHivniYHH9L4uZyz9yE/9visSEZUoq+eEND2hqGD5axw:33+mn5tB5Hi1ez9yEltHuove8D2hqGZ

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  77ee803fb42beb5e1fde7ce6e8860b20_JaffaCakes118
- Size
  
  28KB
- MD5
  
  77ee803fb42beb5e1fde7ce6e8860b20
- SHA1
  
  0956ef05e882beeb2827109defdcaeeb1a4ee89e
- SHA256
  
  c92b5e8e49e3f3f93ae20abd2fd82b2163caffe02bccdf46ae83812eaf854f0b
- SHA512
  
  a971cc08f0e2a97e4aa3190170da320e8e6bb1f26bc819b3f1f254694565b43dfcf87d2dd0e039230c14cf6b5381202be8f2654eaebc527f100ba1ddd3f40037
- SSDEEP
  
  192:33+mnBr2mFbtTGEHHivniYHH9L4uZyz9yE/9visSEZUoq+eEND2hqGD5axw:33+mn5tB5Hi1ez9yEltHuove8D2hqGZ
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionpersistence