c6528a80d33935889303e4ccdd283f4881079da9b065792fae355c72b5072230 | Triage

Sharing

General

Target

b8f4ac521d98ae8cca727cb6aef4d6bf_JaffaCakes118
Size

29KB
Sample

240822-yrt8saxgnm
MD5

b8f4ac521d98ae8cca727cb6aef4d6bf
SHA1

cb70ed289a79a0d7f24410176c17e4570fc3e545
SHA256

c6528a80d33935889303e4ccdd283f4881079da9b065792fae355c72b5072230
SHA512

30dde87e88a89ecb739afa49393fa785c37292042f37a9e7692dfada98fe9a3c61f3519ac914349d760030cae694e97ba9db855bc5273e25dc770819c8f97768
SSDEEP

384:HPmTeb4jYTkPwIuJ6MdXJy8b3sYOXJ5dOMYuBGxOwuIwzgb2el0wYcwWIv9SeCBi:HeluoUZx3sYWp+RwwIgbUwYcwS

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b8f4ac521d98ae8cca727cb6aef4d6bf_JaffaCakes118
- Size
  
  29KB
- MD5
  
  b8f4ac521d98ae8cca727cb6aef4d6bf
- SHA1
  
  cb70ed289a79a0d7f24410176c17e4570fc3e545
- SHA256
  
  c6528a80d33935889303e4ccdd283f4881079da9b065792fae355c72b5072230
- SHA512
  
  30dde87e88a89ecb739afa49393fa785c37292042f37a9e7692dfada98fe9a3c61f3519ac914349d760030cae694e97ba9db855bc5273e25dc770819c8f97768
- SSDEEP
  
  384:HPmTeb4jYTkPwIuJ6MdXJy8b3sYOXJ5dOMYuBGxOwuIwzgb2el0wYcwWIv9SeCBi:HeluoUZx3sYWp+RwwIgbUwYcwS
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence