e72b8cfd4e968e4b5f72ce3a17b1048e9364ce2bed852404936d41aac81dfac9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b705d245e65cd1cd306e4dfd895896da_JaffaCakes118
Size

161KB
Sample

240822-kpy73axfma
MD5

b705d245e65cd1cd306e4dfd895896da
SHA1

f8c6806629ab14b3bc5c2704b13cf55550139aa9
SHA256

e72b8cfd4e968e4b5f72ce3a17b1048e9364ce2bed852404936d41aac81dfac9
SHA512

73e37158147fcff8ba92c7e30d7dc674600bc97485bb5c9da649ff8eed8ebcdfa1b2edcc522cdd4b2fd5cbe758e7de227f7d6b72d75ca1d961066e30118c6a67
SSDEEP

3072:d65S6dOYuBYzqz5xmLsN59k4C5xFxuFlgs76MpI7C8jH8wr8KXrtd0aT:U8fYrq9xZkVGfN6AI71c4XLtT

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b705d245e65cd1cd306e4dfd895896da_JaffaCakes118
- Size
  
  161KB
- MD5
  
  b705d245e65cd1cd306e4dfd895896da
- SHA1
  
  f8c6806629ab14b3bc5c2704b13cf55550139aa9
- SHA256
  
  e72b8cfd4e968e4b5f72ce3a17b1048e9364ce2bed852404936d41aac81dfac9
- SHA512
  
  73e37158147fcff8ba92c7e30d7dc674600bc97485bb5c9da649ff8eed8ebcdfa1b2edcc522cdd4b2fd5cbe758e7de227f7d6b72d75ca1d961066e30118c6a67
- SSDEEP
  
  3072:d65S6dOYuBYzqz5xmLsN59k4C5xFxuFlgs76MpI7C8jH8wr8KXrtd0aT:U8fYrq9xZkVGfN6AI71c4XLtT
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence