b0771ad8ea1621797af02a053a0785b01fb06d1630d756a952aeb6d3f7624bd7 | Triage

Sharing

General

Target

dd95a19e555ec6cc44e1a90151e2feba_JaffaCakes118
Size

156KB
Sample

240913-d347xasapq
MD5

dd95a19e555ec6cc44e1a90151e2feba
SHA1

66f07f392bcc3ff54c5406cd9c3cd9791035cfa8
SHA256

b0771ad8ea1621797af02a053a0785b01fb06d1630d756a952aeb6d3f7624bd7
SHA512

85d18f50fe5c30d5531f1f6b0f8a152c7b2f29a2125f0f6f710079209090e040d2a01c87741db385599489d07f51bf35b1d2dee0d03d76267926e88cd2e5429e
SSDEEP

3072:hP/kGXoYO0qNTw60GLB9DusQ6sFQzvg1ATZMEBaAadU/5aP4DwaWWH2:hPzXoYO0qNP0eBp+6lKAdHaAadV4Up

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dd95a19e555ec6cc44e1a90151e2feba_JaffaCakes118
- Size
  
  156KB
- MD5
  
  dd95a19e555ec6cc44e1a90151e2feba
- SHA1
  
  66f07f392bcc3ff54c5406cd9c3cd9791035cfa8
- SHA256
  
  b0771ad8ea1621797af02a053a0785b01fb06d1630d756a952aeb6d3f7624bd7
- SHA512
  
  85d18f50fe5c30d5531f1f6b0f8a152c7b2f29a2125f0f6f710079209090e040d2a01c87741db385599489d07f51bf35b1d2dee0d03d76267926e88cd2e5429e
- SSDEEP
  
  3072:hP/kGXoYO0qNTw60GLB9DusQ6sFQzvg1ATZMEBaAadU/5aP4DwaWWH2:hPzXoYO0qNP0eBp+6lKAdHaAadV4Up
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence