cd888e6a9058e0b91ffe5571326f918d150ea84fadd86389f692573bdff09bfa | Triage

Sharing

General

Target

ae2750db4e909ce927d83a63ded21c6f_JaffaCakes118
Size

250KB
Sample

240820-gzttjs1cml
MD5

ae2750db4e909ce927d83a63ded21c6f
SHA1

6d24d236ca59e01ed4d68fad42c98d7f87a4adba
SHA256

cd888e6a9058e0b91ffe5571326f918d150ea84fadd86389f692573bdff09bfa
SHA512

fece4cf141599fa02a7b644c98e0b98d50097ea91835bbc18154b6959da69131a22b868bc0353775d28d387cd5ad864006620d2a44e91732956cd0347ab5dbf3
SSDEEP

6144:joWommoLqu8ccQH07Y+dZ7Ir77sDD6o70Pr7dTfoUh1OzM:joWoWBEXY+MsDpGfFjOzM

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ae2750db4e909ce927d83a63ded21c6f_JaffaCakes118
- Size
  
  250KB
- MD5
  
  ae2750db4e909ce927d83a63ded21c6f
- SHA1
  
  6d24d236ca59e01ed4d68fad42c98d7f87a4adba
- SHA256
  
  cd888e6a9058e0b91ffe5571326f918d150ea84fadd86389f692573bdff09bfa
- SHA512
  
  fece4cf141599fa02a7b644c98e0b98d50097ea91835bbc18154b6959da69131a22b868bc0353775d28d387cd5ad864006620d2a44e91732956cd0347ab5dbf3
- SSDEEP
  
  6144:joWommoLqu8ccQH07Y+dZ7Ir77sDD6o70Pr7dTfoUh1OzM:joWoWBEXY+MsDpGfFjOzM
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence