4683aeb65a21e405a621137908ee3fb2abd6877e642d2ee71758510c220ef9d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebdea0cce58011ae120ef15da414b6ed_JaffaCakes118
Size

1.3MB
Sample

240919-wb2lta1fme
MD5

ebdea0cce58011ae120ef15da414b6ed
SHA1

aaa1f0a0e1a761d1a187aae35e855b1302360c05
SHA256

4683aeb65a21e405a621137908ee3fb2abd6877e642d2ee71758510c220ef9d3
SHA512

063023a84eccb389c821c2b89f10251532903a5bcbd458ac536baf44c3c6b024cd766347cf27a250f396179dd95cbe222e8038d5e080cf4970f6bbb75c7b2ae1
SSDEEP

24576:Fui2hSaudhebC0XLn/U8AUrOOkqb3MT36PFLtL0h55Fm+6BtstMF43A4Q:FN2y01GUrOOZ46PAs+kamKHQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ebdea0cce58011ae120ef15da414b6ed_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  ebdea0cce58011ae120ef15da414b6ed
- SHA1
  
  aaa1f0a0e1a761d1a187aae35e855b1302360c05
- SHA256
  
  4683aeb65a21e405a621137908ee3fb2abd6877e642d2ee71758510c220ef9d3
- SHA512
  
  063023a84eccb389c821c2b89f10251532903a5bcbd458ac536baf44c3c6b024cd766347cf27a250f396179dd95cbe222e8038d5e080cf4970f6bbb75c7b2ae1
- SSDEEP
  
  24576:Fui2hSaudhebC0XLn/U8AUrOOkqb3MT36PFLtL0h55Fm+6BtstMF43A4Q:FN2y01GUrOOZ46PAs+kamKHQ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence