391dea11a0e01049180f9a765aa72bb3c3836a5794132153cb17e469626f30e8 | Triage

Sharing

General

Target

84e7b1c3d6b6c699c222665ac77fe4f7_JaffaCakes118
Size

68KB
Sample

240810-fsg1qsxbpk
MD5

84e7b1c3d6b6c699c222665ac77fe4f7
SHA1

f4d117c4de04636fa29dedf306e087afbfdae09c
SHA256

391dea11a0e01049180f9a765aa72bb3c3836a5794132153cb17e469626f30e8
SHA512

8f7e52061b3bcdf212cf913d86f84ef5d8d5741dd4b7861d0881a7d0cf91503c8c83bc1aee2ba1c69fd13af844485e2e7fd0f3d71c8ece0ca5074f65da013d3b
SSDEEP

1536:UqxDyKRSf5vt8q83nsMh7FRPx0tDoy5/:UqNRGvt8qKs0KVF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  84e7b1c3d6b6c699c222665ac77fe4f7_JaffaCakes118
- Size
  
  68KB
- MD5
  
  84e7b1c3d6b6c699c222665ac77fe4f7
- SHA1
  
  f4d117c4de04636fa29dedf306e087afbfdae09c
- SHA256
  
  391dea11a0e01049180f9a765aa72bb3c3836a5794132153cb17e469626f30e8
- SHA512
  
  8f7e52061b3bcdf212cf913d86f84ef5d8d5741dd4b7861d0881a7d0cf91503c8c83bc1aee2ba1c69fd13af844485e2e7fd0f3d71c8ece0ca5074f65da013d3b
- SSDEEP
  
  1536:UqxDyKRSf5vt8q83nsMh7FRPx0tDoy5/:UqNRGvt8qKs0KVF
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence