bfb01a0dbf7558484cbd254a2d432fa6bf3d595fa7ccd719101219fa4f28fb61 | Triage

Sharing

General

Target

9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118
Size

51KB
Sample

240814-plt66awhkn
MD5

9617923cee4f84a52dd16a1d6c1b7176
SHA1

5d82400ee6220c3d69ffc335889ee039e576fbae
SHA256

bfb01a0dbf7558484cbd254a2d432fa6bf3d595fa7ccd719101219fa4f28fb61
SHA512

43ce27728d2268bdf0db42b2633d9ecec13c2589acdad8f07f9270f3bcb143c0c35da23ac843b2ebaa3847517049d719b4bbbe55f7905ce84217f12becc9d6ed
SSDEEP

1536:xIZ5MtjVLXhrIEe9aCVhd5q2gwsWlKeaY:xIZ5MtZLXhrIEeaoAY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118
- Size
  
  51KB
- MD5
  
  9617923cee4f84a52dd16a1d6c1b7176
- SHA1
  
  5d82400ee6220c3d69ffc335889ee039e576fbae
- SHA256
  
  bfb01a0dbf7558484cbd254a2d432fa6bf3d595fa7ccd719101219fa4f28fb61
- SHA512
  
  43ce27728d2268bdf0db42b2633d9ecec13c2589acdad8f07f9270f3bcb143c0c35da23ac843b2ebaa3847517049d719b4bbbe55f7905ce84217f12becc9d6ed
- SSDEEP
  
  1536:xIZ5MtjVLXhrIEe9aCVhd5q2gwsWlKeaY:xIZ5MtZLXhrIEeaoAY
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence