14ce8a2aa567a9b36f391a36b1773abd943b5b388d06ba9a87182126bb32bde2 | Triage

Sharing

General

Target

ee9de528f112ff7db15b4d67e2523d4d_JaffaCakes118
Size

44KB
Sample

240920-27pj1stcnf
MD5

ee9de528f112ff7db15b4d67e2523d4d
SHA1

783701447be1bb1893778bcabf51b3f34ff2d8b5
SHA256

14ce8a2aa567a9b36f391a36b1773abd943b5b388d06ba9a87182126bb32bde2
SHA512

dfcec730155c48664a3e15cdd782fcd0fe77bf6f69a719fed9f146627a3c759eee053808606d86aa877ddc496e52b01ec407eab78f2e36f99d50904fcefb4a51
SSDEEP

768:vYxe62cX1j1TwNXGQR8sgxZqAKiXcdTg2PViKON8fBpyofPxRybdacCrLdl/ml:vrJc91TOGQR89xGiQTtPVSN8fBpyuCaY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee9de528f112ff7db15b4d67e2523d4d_JaffaCakes118
- Size
  
  44KB
- MD5
  
  ee9de528f112ff7db15b4d67e2523d4d
- SHA1
  
  783701447be1bb1893778bcabf51b3f34ff2d8b5
- SHA256
  
  14ce8a2aa567a9b36f391a36b1773abd943b5b388d06ba9a87182126bb32bde2
- SHA512
  
  dfcec730155c48664a3e15cdd782fcd0fe77bf6f69a719fed9f146627a3c759eee053808606d86aa877ddc496e52b01ec407eab78f2e36f99d50904fcefb4a51
- SSDEEP
  
  768:vYxe62cX1j1TwNXGQR8sgxZqAKiXcdTg2PViKON8fBpyofPxRybdacCrLdl/ml:vrJc91TOGQR89xGiQTtPVSN8fBpyuCaY
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence