386f5d05c093ae0857735573ccdd1cb42f510802b74f38a8d157a2930f651af6 | Triage

Sharing

General

Target

b4546a42cc714136510da7aa65c8c14c_JaffaCakes118
Size

88KB
Sample

240821-vs5jcs1brh
MD5

b4546a42cc714136510da7aa65c8c14c
SHA1

f95c63027979f565fbcc04cf68a090c55839e4d9
SHA256

386f5d05c093ae0857735573ccdd1cb42f510802b74f38a8d157a2930f651af6
SHA512

4e380def7b2074afd63ea7cae7eb67d4b49ae58250f688bd7c8dd8386cdd5dde3a3396a979354d8d0855431ab2a99e95b19c10f9f984eead909161d48497f493
SSDEEP

1536:4aiqH1s+kCtrA2UMT0mTFibDKa1XEnEEiRDmcrf4pvBbXwV3M:51B31bdBob2QXrRCwAlAV3M

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b4546a42cc714136510da7aa65c8c14c_JaffaCakes118
- Size
  
  88KB
- MD5
  
  b4546a42cc714136510da7aa65c8c14c
- SHA1
  
  f95c63027979f565fbcc04cf68a090c55839e4d9
- SHA256
  
  386f5d05c093ae0857735573ccdd1cb42f510802b74f38a8d157a2930f651af6
- SHA512
  
  4e380def7b2074afd63ea7cae7eb67d4b49ae58250f688bd7c8dd8386cdd5dde3a3396a979354d8d0855431ab2a99e95b19c10f9f984eead909161d48497f493
- SSDEEP
  
  1536:4aiqH1s+kCtrA2UMT0mTFibDKa1XEnEEiRDmcrf4pvBbXwV3M:51B31bdBob2QXrRCwAlAV3M
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence