5be138c79639a8d52d1d5e9e54a256000b9038e3d21ceff2127a9d23f31090a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5cc5d1a254353a75c7854752c694fe1_JaffaCakes118
Size

443KB
Sample

240909-hd2spsyamb
MD5

d5cc5d1a254353a75c7854752c694fe1
SHA1

8dcfc520af61f7854de516054d90df604fddbbfe
SHA256

5be138c79639a8d52d1d5e9e54a256000b9038e3d21ceff2127a9d23f31090a6
SHA512

e6d0baf6442af26eed3a5709568c08b97b77882a24fd146b0101a661f728a031a90c87f7ab7ecc8d21e1395f6d50bfd18d5de9b5fef907f8f58ddd95fecfd17a
SSDEEP

1536:ik5DHdoOLgDwODNGklxV7jbiv+lkUtCi3fE1lDeO5k5DHxi0:iiDkDrNGkl/bPRtCi3c155i5

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d5cc5d1a254353a75c7854752c694fe1_JaffaCakes118
- Size
  
  443KB
- MD5
  
  d5cc5d1a254353a75c7854752c694fe1
- SHA1
  
  8dcfc520af61f7854de516054d90df604fddbbfe
- SHA256
  
  5be138c79639a8d52d1d5e9e54a256000b9038e3d21ceff2127a9d23f31090a6
- SHA512
  
  e6d0baf6442af26eed3a5709568c08b97b77882a24fd146b0101a661f728a031a90c87f7ab7ecc8d21e1395f6d50bfd18d5de9b5fef907f8f58ddd95fecfd17a
- SSDEEP
  
  1536:ik5DHdoOLgDwODNGklxV7jbiv+lkUtCi3fE1lDeO5k5DHxi0:iiDkDrNGkl/bPRtCi3c155i5
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2