71a835f2e11d665bb16783780a9a7a1da6988d73f102c85e89d2bace4ab8e983 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db7eacf4fdf2d2d12f683c23adcddd46_JaffaCakes118
Size

200KB
Sample

240912-as2ggs1gll
MD5

db7eacf4fdf2d2d12f683c23adcddd46
SHA1

bea57f0d0b92760d93095d769a8d13a24396d6a8
SHA256

71a835f2e11d665bb16783780a9a7a1da6988d73f102c85e89d2bace4ab8e983
SHA512

a705fefd5467db83ff9ef23448fed1b5263a097f1de4bef6d09cda97cc96a2421a6b968523e501abd3b228a8a3fa2d8ae66890e0303c462c7d4ea43845581e4f
SSDEEP

1536:tAIolq8W8B0A/bP01kKAfJTwwxWRbVCuZ3SCaK/I84kdD9nNPAHbnBQiTvzQXctb:PmBJhJTwwxW9OCaKQ+FNPAFP7MXWMr2

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  db7eacf4fdf2d2d12f683c23adcddd46_JaffaCakes118
- Size
  
  200KB
- MD5
  
  db7eacf4fdf2d2d12f683c23adcddd46
- SHA1
  
  bea57f0d0b92760d93095d769a8d13a24396d6a8
- SHA256
  
  71a835f2e11d665bb16783780a9a7a1da6988d73f102c85e89d2bace4ab8e983
- SHA512
  
  a705fefd5467db83ff9ef23448fed1b5263a097f1de4bef6d09cda97cc96a2421a6b968523e501abd3b228a8a3fa2d8ae66890e0303c462c7d4ea43845581e4f
- SSDEEP
  
  1536:tAIolq8W8B0A/bP01kKAfJTwwxWRbVCuZ3SCaK/I84kdD9nNPAHbnBQiTvzQXctb:PmBJhJTwwxW9OCaKQ+FNPAFP7MXWMr2
Score

6^/10

persistence discovery
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2