aebf30741af692e6a49e98f246ed69a601c54b08e7baaee902c50d2238a5e2d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

becf89fc09ad86aa4623490bb7a6b593_JaffaCakes118
Size

168KB
Sample

240824-r2ht6swgrn
MD5

becf89fc09ad86aa4623490bb7a6b593
SHA1

569886243b2c5bcae6a26e84c7fceebbc2a0ca87
SHA256

aebf30741af692e6a49e98f246ed69a601c54b08e7baaee902c50d2238a5e2d2
SHA512

5b666b5e2d8f7ac9839e18fdd1a0d8d359642168728fe41dd600983a8b9d28ef7e3ac2bb2c897cb0038dc2285a034b11883b9738965933a89a142d3d6559c812
SSDEEP

3072:Vd1tkglSArPZrrYjSI4cEiwSanCgxO7EATT8py7bvdJ4/LGTZvmlDL1:H1t88RrsJ5aCgxO7EATAudSKZvY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  becf89fc09ad86aa4623490bb7a6b593_JaffaCakes118
- Size
  
  168KB
- MD5
  
  becf89fc09ad86aa4623490bb7a6b593
- SHA1
  
  569886243b2c5bcae6a26e84c7fceebbc2a0ca87
- SHA256
  
  aebf30741af692e6a49e98f246ed69a601c54b08e7baaee902c50d2238a5e2d2
- SHA512
  
  5b666b5e2d8f7ac9839e18fdd1a0d8d359642168728fe41dd600983a8b9d28ef7e3ac2bb2c897cb0038dc2285a034b11883b9738965933a89a142d3d6559c812
- SSDEEP
  
  3072:Vd1tkglSArPZrrYjSI4cEiwSanCgxO7EATT8py7bvdJ4/LGTZvmlDL1:H1t88RrsJ5aCgxO7EATAudSKZvY
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence