4cfb494336e9a5a9113568ed790bd3435469099f1d9e75efd7f79ab38fecdbef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8994a08d531ae9995cb532695bfaf8f0_JaffaCakes118
Size

712KB
Sample

240811-jpww9s1drp
MD5

8994a08d531ae9995cb532695bfaf8f0
SHA1

454c61d9765f741cf5e1a4aded72eaa3a36fce19
SHA256

4cfb494336e9a5a9113568ed790bd3435469099f1d9e75efd7f79ab38fecdbef
SHA512

0266034964fa60f75c22ac440ce062705e347b6ebd6211d0510c55180ecac3e9e87a507a59441d49f3171349615eb3f2f76408c79bf4af097c9573ccfcc858d3
SSDEEP

12288:rE8h1+o1fyFyecwt51UBcXpGKLFLqTYsUPVCenpfgtfS+tCfe/twWeEp73gl:rE8ao1V2rLkTskepfI9seWnsO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8994a08d531ae9995cb532695bfaf8f0_JaffaCakes118
- Size
  
  712KB
- MD5
  
  8994a08d531ae9995cb532695bfaf8f0
- SHA1
  
  454c61d9765f741cf5e1a4aded72eaa3a36fce19
- SHA256
  
  4cfb494336e9a5a9113568ed790bd3435469099f1d9e75efd7f79ab38fecdbef
- SHA512
  
  0266034964fa60f75c22ac440ce062705e347b6ebd6211d0510c55180ecac3e9e87a507a59441d49f3171349615eb3f2f76408c79bf4af097c9573ccfcc858d3
- SSDEEP
  
  12288:rE8h1+o1fyFyecwt51UBcXpGKLFLqTYsUPVCenpfgtfS+tCfe/twWeEp73gl:rE8ao1V2rLkTskepfI9seWnsO
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence