82a72c5451cb5c4a0cf37c3a8ca6e50ea3ce7cc9fef2983376d00c0095489f6b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

838542e51acb792890b1b6ee6299e9b8_JaffaCakes118
Size

51KB
Sample

240809-zphbwaydmm
MD5

838542e51acb792890b1b6ee6299e9b8
SHA1

b7bb43702294264f56b67a7202b62cd9a0487fe6
SHA256

82a72c5451cb5c4a0cf37c3a8ca6e50ea3ce7cc9fef2983376d00c0095489f6b
SHA512

7243d4b8726971d3da02f80c8c3388c322cebe08218b7b88e846309e65037971895f71a08f362cd8e38902a71be0ebc37ec55f6814adcf7e20c5c2d132ab54a8
SSDEEP

1536:i4UatDw8zT07f3qnm+A60k08945hIFJS:Aaxw82fan9AgzKIFI

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  838542e51acb792890b1b6ee6299e9b8_JaffaCakes118
- Size
  
  51KB
- MD5
  
  838542e51acb792890b1b6ee6299e9b8
- SHA1
  
  b7bb43702294264f56b67a7202b62cd9a0487fe6
- SHA256
  
  82a72c5451cb5c4a0cf37c3a8ca6e50ea3ce7cc9fef2983376d00c0095489f6b
- SHA512
  
  7243d4b8726971d3da02f80c8c3388c322cebe08218b7b88e846309e65037971895f71a08f362cd8e38902a71be0ebc37ec55f6814adcf7e20c5c2d132ab54a8
- SSDEEP
  
  1536:i4UatDw8zT07f3qnm+A60k08945hIFJS:Aaxw82fan9AgzKIFI
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence