f6035944ae2f1a811cb1abffdb19f15e098d4aec29bcf77a8c07223eff8bb761 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

961707b1fd6a538e303c79145badf60d_JaffaCakes118
Size

737KB
Sample

240814-plfc1awgrr
MD5

961707b1fd6a538e303c79145badf60d
SHA1

888e6ebf58bb03adc23661ae3d2bec5dcc83ad23
SHA256

f6035944ae2f1a811cb1abffdb19f15e098d4aec29bcf77a8c07223eff8bb761
SHA512

7a45235571172ec536c09cd23c2cedbecc97409c144d5a1be5c6ca4c638d9cee573f5aacccdc1c2839f2d4f8e0cdf720fddbc60c7d74cd8635c04ae223381475
SSDEEP

12288:Z83DHCPABQ4YAAllrtdeYCukdolwcMTGCEHGxpM5q4vZ/7UANt9NpuEH92ue5yI:ADGt4YAAlNLUzaMOHQ4h/73tUEH92uep

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  961707b1fd6a538e303c79145badf60d_JaffaCakes118
- Size
  
  737KB
- MD5
  
  961707b1fd6a538e303c79145badf60d
- SHA1
  
  888e6ebf58bb03adc23661ae3d2bec5dcc83ad23
- SHA256
  
  f6035944ae2f1a811cb1abffdb19f15e098d4aec29bcf77a8c07223eff8bb761
- SHA512
  
  7a45235571172ec536c09cd23c2cedbecc97409c144d5a1be5c6ca4c638d9cee573f5aacccdc1c2839f2d4f8e0cdf720fddbc60c7d74cd8635c04ae223381475
- SSDEEP
  
  12288:Z83DHCPABQ4YAAllrtdeYCukdolwcMTGCEHGxpM5q4vZ/7UANt9NpuEH92ue5yI:ADGt4YAAlNLUzaMOHQ4h/73tUEH92uep
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2