68716cc7460c396183e5b295a582176314342505456573628c6ef56075d7f9b3 | Triage

Sharing

General

Target

b9467f290df84a1351829c2cfbd149a3_JaffaCakes118
Size

16KB
Sample

240822-1qbfdszcqc
MD5

b9467f290df84a1351829c2cfbd149a3
SHA1

0e1030fca1d8ebd2417b23243c18063a20ff485b
SHA256

68716cc7460c396183e5b295a582176314342505456573628c6ef56075d7f9b3
SHA512

7c006a45aa61161b6a465e4b184c5f7a54b194d8429de30279371fb3b363d288b6bae22f36ac11cb97cb0c049f427abb47336c3a9ea9d06a4563a8c541752e42
SSDEEP

384:QTBnQ0H8fdEiMxDz5mqsx6A3FR2GcKOZbk0C:ABnjVmqsTH25bk0C

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b9467f290df84a1351829c2cfbd149a3_JaffaCakes118
- Size
  
  16KB
- MD5
  
  b9467f290df84a1351829c2cfbd149a3
- SHA1
  
  0e1030fca1d8ebd2417b23243c18063a20ff485b
- SHA256
  
  68716cc7460c396183e5b295a582176314342505456573628c6ef56075d7f9b3
- SHA512
  
  7c006a45aa61161b6a465e4b184c5f7a54b194d8429de30279371fb3b363d288b6bae22f36ac11cb97cb0c049f427abb47336c3a9ea9d06a4563a8c541752e42
- SSDEEP
  
  384:QTBnQ0H8fdEiMxDz5mqsx6A3FR2GcKOZbk0C:ABnjVmqsTH25bk0C
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence