4af3f0de85c5b5c7a4a7b0e5c8ea348450612b26432362a78ecc81b3504052cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9760f839e72f02e3cd99d1fa855d059f_JaffaCakes118
Size

206KB
Sample

240814-x8xjssvdrj
MD5

9760f839e72f02e3cd99d1fa855d059f
SHA1

5161a356d3c0fc2b19f4f635d5a55af9f8595fbc
SHA256

4af3f0de85c5b5c7a4a7b0e5c8ea348450612b26432362a78ecc81b3504052cd
SHA512

f9d49a50bca2a64d55e66665b4ddf7e10423a4e3aa891fd21384b5efe757af838d3d736de0d6658c0cc83c70a6d59bafb6c25ab24298784a0a96b61cf8fa3f06
SSDEEP

3072:1ZKoxQb+k9QvlM2UomDQEGPjRHfNtPYuD/V9P8rMz8csf2jacKUSI7Lj/PKbcVGX:3rox9QUkEq9/nP3D/jP8Pcu65GbNwy

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  9760f839e72f02e3cd99d1fa855d059f_JaffaCakes118
- Size
  
  206KB
- MD5
  
  9760f839e72f02e3cd99d1fa855d059f
- SHA1
  
  5161a356d3c0fc2b19f4f635d5a55af9f8595fbc
- SHA256
  
  4af3f0de85c5b5c7a4a7b0e5c8ea348450612b26432362a78ecc81b3504052cd
- SHA512
  
  f9d49a50bca2a64d55e66665b4ddf7e10423a4e3aa891fd21384b5efe757af838d3d736de0d6658c0cc83c70a6d59bafb6c25ab24298784a0a96b61cf8fa3f06
- SSDEEP
  
  3072:1ZKoxQb+k9QvlM2UomDQEGPjRHfNtPYuD/V9P8rMz8csf2jacKUSI7Lj/PKbcVGX:3rox9QUkEq9/nP3D/jP8Pcu65GbNwy
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence