82ea303e703592d62aa4c5fb55240ef4c25f5eae3eb9b386297a8fc39dc05f45 | Triage

Sharing

General

Target

85989725eec6ef0d24f3fef8d89a2879_JaffaCakes118
Size

263KB
Sample

240810-ljg72aybqb
MD5

85989725eec6ef0d24f3fef8d89a2879
SHA1

ca96e620b9947af402ea0b27343d4cb2a0458763
SHA256

82ea303e703592d62aa4c5fb55240ef4c25f5eae3eb9b386297a8fc39dc05f45
SHA512

47ccadd0b3dd5a63e7316facc7f4c9c72f1726f9592f8134ecee5011b226a2aaa01fab4d95c191a4140632877cd11287b64c1a5b3a0619c5635a3976f0ae0d81
SSDEEP

6144:GBh2bgwq4eDpDJ1SVFBQLCvryYRb+knn2wpsyJpizo0cd:Giq4ePOQWvbt2s9pnZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  85989725eec6ef0d24f3fef8d89a2879_JaffaCakes118
- Size
  
  263KB
- MD5
  
  85989725eec6ef0d24f3fef8d89a2879
- SHA1
  
  ca96e620b9947af402ea0b27343d4cb2a0458763
- SHA256
  
  82ea303e703592d62aa4c5fb55240ef4c25f5eae3eb9b386297a8fc39dc05f45
- SHA512
  
  47ccadd0b3dd5a63e7316facc7f4c9c72f1726f9592f8134ecee5011b226a2aaa01fab4d95c191a4140632877cd11287b64c1a5b3a0619c5635a3976f0ae0d81
- SSDEEP
  
  6144:GBh2bgwq4eDpDJ1SVFBQLCvryYRb+knn2wpsyJpizo0cd:Giq4ePOQWvbt2s9pnZ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence