96fd237ca49ab954a2d7652db819edf539c68249176da6903502d73926a7f68a | Triage

Sharing

General

Target

ce63944f882f586f275c1b5ad87e75b3_JaffaCakes118
Size

43KB
Sample

240906-cd9knazhrc
MD5

ce63944f882f586f275c1b5ad87e75b3
SHA1

3881e6172cfa84b0ebeae38669a6126c88ee5ab9
SHA256

96fd237ca49ab954a2d7652db819edf539c68249176da6903502d73926a7f68a
SHA512

3840b337187b724d1b734463119d4bd802cddd4ccfa56b70efa9b7f07f20087e19a6407db51de56c49c683adb94ad6515c10ec7397e27af18682d056a191419a
SSDEEP

768:8FTz9RnaF5JBINd0Nq4xdtpT3w1ORwQlXa2COTqW9eyYgZtQUb9S1t3c6z/EFQm:8FTyFDBLYcdAwBa2XqCe5gr7YT5rm

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ce63944f882f586f275c1b5ad87e75b3_JaffaCakes118
- Size
  
  43KB
- MD5
  
  ce63944f882f586f275c1b5ad87e75b3
- SHA1
  
  3881e6172cfa84b0ebeae38669a6126c88ee5ab9
- SHA256
  
  96fd237ca49ab954a2d7652db819edf539c68249176da6903502d73926a7f68a
- SHA512
  
  3840b337187b724d1b734463119d4bd802cddd4ccfa56b70efa9b7f07f20087e19a6407db51de56c49c683adb94ad6515c10ec7397e27af18682d056a191419a
- SSDEEP
  
  768:8FTz9RnaF5JBINd0Nq4xdtpT3w1ORwQlXa2COTqW9eyYgZtQUb9S1t3c6z/EFQm:8FTyFDBLYcdAwBa2XqCe5gr7YT5rm
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence