c996679ef4a3fe3ed265d6d7459f25665db12f50f53e4002c1b318bd2fd66a17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adeb7b4b9bf5cb243ca0dc929ac40c83_JaffaCakes118
Size

368KB
Sample

240820-fgqhqsxhkk
MD5

adeb7b4b9bf5cb243ca0dc929ac40c83
SHA1

1b9aeb5402e339b8e1e34e6fb7cacbc10b7f7f42
SHA256

c996679ef4a3fe3ed265d6d7459f25665db12f50f53e4002c1b318bd2fd66a17
SHA512

5236cf2474dbafbfb882495696a7c173e10be3d72dc690c2b13b6b9cc22d855a197e2323c45f78835d0f547ac658b5ab03dfe7654cee06f795dc20ad35ea0f80
SSDEEP

6144:MtxSImZdyf/TLFvN6G/Xkyi6O/OYmQbfTBNl7DAOlQAocQZY:MtxJUdyf/TZEG/3iWYmQrTTl7D2cQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  adeb7b4b9bf5cb243ca0dc929ac40c83_JaffaCakes118
- Size
  
  368KB
- MD5
  
  adeb7b4b9bf5cb243ca0dc929ac40c83
- SHA1
  
  1b9aeb5402e339b8e1e34e6fb7cacbc10b7f7f42
- SHA256
  
  c996679ef4a3fe3ed265d6d7459f25665db12f50f53e4002c1b318bd2fd66a17
- SHA512
  
  5236cf2474dbafbfb882495696a7c173e10be3d72dc690c2b13b6b9cc22d855a197e2323c45f78835d0f547ac658b5ab03dfe7654cee06f795dc20ad35ea0f80
- SSDEEP
  
  6144:MtxSImZdyf/TLFvN6G/Xkyi6O/OYmQbfTBNl7DAOlQAocQZY:MtxJUdyf/TZEG/3iWYmQrTTl7D2cQ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence