05e6b502b9c5297fec71f7a11d3e32efdd416124019aca00686c16cf51792e8f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93efb14e87678fd3b99ad9c76e5080f8_JaffaCakes118
Size

15KB
Sample

240813-vd1xmavflg
MD5

93efb14e87678fd3b99ad9c76e5080f8
SHA1

b6adc32853ef65b0abd59864a96fb95c50f6942b
SHA256

05e6b502b9c5297fec71f7a11d3e32efdd416124019aca00686c16cf51792e8f
SHA512

7bba28b8d4ce9bb789da249c0e60806134a154a1401d063d03685c2471c423d1606c3e8c621f1f65c8f3cfa9a5144c888e599f6c389475b133052448277e77a3
SSDEEP

384:mbE0FyYo3pkwCfexU4DZvRyMizFss4oZV:P0FTek5foUuLyMigoZV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  93efb14e87678fd3b99ad9c76e5080f8_JaffaCakes118
- Size
  
  15KB
- MD5
  
  93efb14e87678fd3b99ad9c76e5080f8
- SHA1
  
  b6adc32853ef65b0abd59864a96fb95c50f6942b
- SHA256
  
  05e6b502b9c5297fec71f7a11d3e32efdd416124019aca00686c16cf51792e8f
- SHA512
  
  7bba28b8d4ce9bb789da249c0e60806134a154a1401d063d03685c2471c423d1606c3e8c621f1f65c8f3cfa9a5144c888e599f6c389475b133052448277e77a3
- SSDEEP
  
  384:mbE0FyYo3pkwCfexU4DZvRyMizFss4oZV:P0FTek5foUuLyMigoZV
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence