f8602ceae168804a17362d2cf8879c6b564d1605d4d3de245fa3a3874661f8aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a00ca71bed2f7268dbb1a6e46d531e5_JaffaCakes118
Size

34KB
Sample

240811-metwpszcja
MD5

8a00ca71bed2f7268dbb1a6e46d531e5
SHA1

8b46539d18d1d248b07b9f6e41d4363648855510
SHA256

f8602ceae168804a17362d2cf8879c6b564d1605d4d3de245fa3a3874661f8aa
SHA512

036d2c0ac3b6ab300fcc572e30ca79ae65e7c57c5d598c4f7985d73fbc9d25b52aefab8b87ab875b8ad61a71c916b3b913965142c32acf0cfb577b70822ea35c
SSDEEP

768:xuC8yipvBquTawK4/aUh7n5UwzN4MUFiQOJtrkT1ST3:4YipvBqCa0l7dJgFE

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8a00ca71bed2f7268dbb1a6e46d531e5_JaffaCakes118
- Size
  
  34KB
- MD5
  
  8a00ca71bed2f7268dbb1a6e46d531e5
- SHA1
  
  8b46539d18d1d248b07b9f6e41d4363648855510
- SHA256
  
  f8602ceae168804a17362d2cf8879c6b564d1605d4d3de245fa3a3874661f8aa
- SHA512
  
  036d2c0ac3b6ab300fcc572e30ca79ae65e7c57c5d598c4f7985d73fbc9d25b52aefab8b87ab875b8ad61a71c916b3b913965142c32acf0cfb577b70822ea35c
- SSDEEP
  
  768:xuC8yipvBquTawK4/aUh7n5UwzN4MUFiQOJtrkT1ST3:4YipvBqCa0l7dJgFE
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence