b2921573736ffff326d8936b0fafe74e67d2e263acbabe8154d45c4087e7f06a | Triage

Sharing

General

Target

ad96a93f30cdc24b2f235ab28f8ac9ac_JaffaCakes118
Size

546KB
Sample

240820-c7tfjatekr
MD5

ad96a93f30cdc24b2f235ab28f8ac9ac
SHA1

df1da4a58fb9a67d60dba7008667dcb79dd0ef3a
SHA256

b2921573736ffff326d8936b0fafe74e67d2e263acbabe8154d45c4087e7f06a
SHA512

dea79b2478cd321438bc95a696e020101197beaacb380b03a0ded3147da368cc00782849239ef04dce64c6a58d280353c7a3b6e5893984be13320bf12ce35f73
SSDEEP

12288:DiptwyGReXZQ9CIoC67SzkC4JxKJFxbDvbL7Dk4sLOq:DiTNoOQ9iJ+z9J/DDLMzV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ad96a93f30cdc24b2f235ab28f8ac9ac_JaffaCakes118
- Size
  
  546KB
- MD5
  
  ad96a93f30cdc24b2f235ab28f8ac9ac
- SHA1
  
  df1da4a58fb9a67d60dba7008667dcb79dd0ef3a
- SHA256
  
  b2921573736ffff326d8936b0fafe74e67d2e263acbabe8154d45c4087e7f06a
- SHA512
  
  dea79b2478cd321438bc95a696e020101197beaacb380b03a0ded3147da368cc00782849239ef04dce64c6a58d280353c7a3b6e5893984be13320bf12ce35f73
- SSDEEP
  
  12288:DiptwyGReXZQ9CIoC67SzkC4JxKJFxbDvbL7Dk4sLOq:DiTNoOQ9iJ+z9J/DDLMzV
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence