a956be80bde1f5b83c1833fd34ab2f98ee25ae6ffce54a67cbee89099f0fab52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d547306a9fe2b6e8d9c67b3d2d30fa86_JaffaCakes118
Size

529KB
Sample

240908-3daz7szhpq
MD5

d547306a9fe2b6e8d9c67b3d2d30fa86
SHA1

2e72e74504fa4cc4761027864fe5796bad49bb58
SHA256

a956be80bde1f5b83c1833fd34ab2f98ee25ae6ffce54a67cbee89099f0fab52
SHA512

2f7c4ce5fd5b9057b7554b909168b29f7169ffca09790f74ec3ec79cb8bd62de68587ccd7e8da951b3d03233b59a2bda3cec092443544a2dc541562f97c95d3f
SSDEEP

12288:51bb/fuGCyf9YuXoK+cBe5TuSbHTnFL+kjoPbk+5+I:51brCA9ZYKdBQu6HTFL+kw5n

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d547306a9fe2b6e8d9c67b3d2d30fa86_JaffaCakes118
- Size
  
  529KB
- MD5
  
  d547306a9fe2b6e8d9c67b3d2d30fa86
- SHA1
  
  2e72e74504fa4cc4761027864fe5796bad49bb58
- SHA256
  
  a956be80bde1f5b83c1833fd34ab2f98ee25ae6ffce54a67cbee89099f0fab52
- SHA512
  
  2f7c4ce5fd5b9057b7554b909168b29f7169ffca09790f74ec3ec79cb8bd62de68587ccd7e8da951b3d03233b59a2bda3cec092443544a2dc541562f97c95d3f
- SSDEEP
  
  12288:51bb/fuGCyf9YuXoK+cBe5TuSbHTnFL+kjoPbk+5+I:51brCA9ZYKdBQu6HTFL+kw5n
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence