1e9e557e0f8fbccf131ca0a4f78fd36b00bad943ee96725faa2b786576e30e1d | Triage

Sharing

General

Target

bf1328bfe337acdd7356f3b75a5cdd20_JaffaCakes118
Size

48KB
Sample

240824-vra85asdkm
MD5

bf1328bfe337acdd7356f3b75a5cdd20
SHA1

b020603bbf560e4fb882458b4004914a45b23d6f
SHA256

1e9e557e0f8fbccf131ca0a4f78fd36b00bad943ee96725faa2b786576e30e1d
SHA512

6db4acb5ab19374d20ce6e3ffc7340e1c951ef3296633886250d8d6a25e85b242ef5748681b75f4d988fae169f76ae12f131a754e37d6f0fc15778f41d6a395d
SSDEEP

768:5vF6FrujGCRADyvU0Vhh0r1myMa7QnLh4JFRrRHdyNtULwa4YNvHGph3ZY8udI5N:CrdDNM0r11PGLh4n0nyNvHGTsIJ2

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  bf1328bfe337acdd7356f3b75a5cdd20_JaffaCakes118
- Size
  
  48KB
- MD5
  
  bf1328bfe337acdd7356f3b75a5cdd20
- SHA1
  
  b020603bbf560e4fb882458b4004914a45b23d6f
- SHA256
  
  1e9e557e0f8fbccf131ca0a4f78fd36b00bad943ee96725faa2b786576e30e1d
- SHA512
  
  6db4acb5ab19374d20ce6e3ffc7340e1c951ef3296633886250d8d6a25e85b242ef5748681b75f4d988fae169f76ae12f131a754e37d6f0fc15778f41d6a395d
- SSDEEP
  
  768:5vF6FrujGCRADyvU0Vhh0r1myMa7QnLh4JFRrRHdyNtULwa4YNvHGph3ZY8udI5N:CrdDNM0r11PGLh4n0nyNvHGTsIJ2
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2