5bea39bc9ec6e9dfb8ba11977d453cb0a3b471c5b156e67a32e71c7aad03edea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b9cb26b76b4850ff13d508e9bef0a49_JaffaCakes118
Size

124KB
Sample

240811-xrw7pstbpj
MD5

8b9cb26b76b4850ff13d508e9bef0a49
SHA1

7febfe0222097beb4573a8e37cdcb6cffd281fc1
SHA256

5bea39bc9ec6e9dfb8ba11977d453cb0a3b471c5b156e67a32e71c7aad03edea
SHA512

c266b57dbe7935f885ef7bb19f1d5528c6b406c3673cea76f6ec931d5e7f85fcdcd41c5ebbd72f35847756060363e8c584a6d4f52ec8acc09406f9b4b9a636d8
SSDEEP

3072:u1pAUxYJnXL91mn52vaoC2To5vzW76cjnwYZzW:u1pTYJXL91mnEvN9kyRwYZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8b9cb26b76b4850ff13d508e9bef0a49_JaffaCakes118
- Size
  
  124KB
- MD5
  
  8b9cb26b76b4850ff13d508e9bef0a49
- SHA1
  
  7febfe0222097beb4573a8e37cdcb6cffd281fc1
- SHA256
  
  5bea39bc9ec6e9dfb8ba11977d453cb0a3b471c5b156e67a32e71c7aad03edea
- SHA512
  
  c266b57dbe7935f885ef7bb19f1d5528c6b406c3673cea76f6ec931d5e7f85fcdcd41c5ebbd72f35847756060363e8c584a6d4f52ec8acc09406f9b4b9a636d8
- SSDEEP
  
  3072:u1pAUxYJnXL91mn52vaoC2To5vzW76cjnwYZzW:u1pTYJXL91mnEvN9kyRwYZ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence