8819fed22c2309ffd03078e447d22afa223b0e012acbd55401408e6851ed89ae | Triage

Sharing

General

Target

d030e469eb57187b051e06dd32429235_JaffaCakes118
Size

46KB
Sample

240906-w3yn8s1glp
MD5

d030e469eb57187b051e06dd32429235
SHA1

b94e59d2b8bb3c5e2570fc26a2353a8eb143736a
SHA256

8819fed22c2309ffd03078e447d22afa223b0e012acbd55401408e6851ed89ae
SHA512

2d687a08d629c41e7d3968201ffb42c97eef211af3c05fae002d864efc39d1022f17733d832dbc471db4b778ab09f43f6e17d16fada4f311a3474dc1eb8c2f5a
SSDEEP

768:w66sfXpK5fAV6vk79es81FjNbwA6ddvs8TVgEparMXRtJ5y4ZiX:FXRSTFaA6Ts8TVtoQhP5QX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d030e469eb57187b051e06dd32429235_JaffaCakes118
- Size
  
  46KB
- MD5
  
  d030e469eb57187b051e06dd32429235
- SHA1
  
  b94e59d2b8bb3c5e2570fc26a2353a8eb143736a
- SHA256
  
  8819fed22c2309ffd03078e447d22afa223b0e012acbd55401408e6851ed89ae
- SHA512
  
  2d687a08d629c41e7d3968201ffb42c97eef211af3c05fae002d864efc39d1022f17733d832dbc471db4b778ab09f43f6e17d16fada4f311a3474dc1eb8c2f5a
- SSDEEP
  
  768:w66sfXpK5fAV6vk79es81FjNbwA6ddvs8TVgEparMXRtJ5y4ZiX:FXRSTFaA6Ts8TVtoQhP5QX
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence