c111ee5a7d93fbe4edf5c6a9650271c732f2cf153f8ffad7aeea084a428e8ba0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce72733467b68d32457476abacf000c2_JaffaCakes118
Size

236KB
Sample

240906-c2me2asalc
MD5

ce72733467b68d32457476abacf000c2
SHA1

aa62abdd7c53c422852eeead008a5fa19a928363
SHA256

c111ee5a7d93fbe4edf5c6a9650271c732f2cf153f8ffad7aeea084a428e8ba0
SHA512

5ed79e1d3aa60ec4a190f3584565f806f5f61352a576fa4076dfd99ece09439086a92780db468a71e2de90bcc55539ea41c92925378a71dc74de14f8ac822efa
SSDEEP

6144:m5TCnL5Vq2+NFVkyJ6G827TxtbWTM2+404+19s1Z8Z:m5SLGNFG5G8I7bWz+403lZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ce72733467b68d32457476abacf000c2_JaffaCakes118
- Size
  
  236KB
- MD5
  
  ce72733467b68d32457476abacf000c2
- SHA1
  
  aa62abdd7c53c422852eeead008a5fa19a928363
- SHA256
  
  c111ee5a7d93fbe4edf5c6a9650271c732f2cf153f8ffad7aeea084a428e8ba0
- SHA512
  
  5ed79e1d3aa60ec4a190f3584565f806f5f61352a576fa4076dfd99ece09439086a92780db468a71e2de90bcc55539ea41c92925378a71dc74de14f8ac822efa
- SSDEEP
  
  6144:m5TCnL5Vq2+NFVkyJ6G827TxtbWTM2+404+19s1Z8Z:m5SLGNFG5G8I7bWz+403lZ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence