26cf92bb5aa88dd669c48cb88aa498049aab4cf175649648a3857a6c3319ddcb | Triage

Sharing

General

Target

ece7761b6353ac27b75e9f65d2b528bf_JaffaCakes118
Size

602KB
Sample

240920-fwckeszfla
MD5

ece7761b6353ac27b75e9f65d2b528bf
SHA1

66ebb7a1cd21b4a76703572aae9df32eb0667f74
SHA256

26cf92bb5aa88dd669c48cb88aa498049aab4cf175649648a3857a6c3319ddcb
SHA512

9490c51180a7e8bab60d19b74d9fab0176d3dc4b8042ea2abca3fad65a82e38ff052d7d71684e793582456b30d0980924c115a7279aade4ea553574aca1926f4
SSDEEP

12288:i8hk6QUA+Wye1ch88sYnv45krL5tXyoiylj+usEA5QIjDRR8w:NhkWNJrhmYg5MbTTsum5hRN

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ece7761b6353ac27b75e9f65d2b528bf_JaffaCakes118
- Size
  
  602KB
- MD5
  
  ece7761b6353ac27b75e9f65d2b528bf
- SHA1
  
  66ebb7a1cd21b4a76703572aae9df32eb0667f74
- SHA256
  
  26cf92bb5aa88dd669c48cb88aa498049aab4cf175649648a3857a6c3319ddcb
- SHA512
  
  9490c51180a7e8bab60d19b74d9fab0176d3dc4b8042ea2abca3fad65a82e38ff052d7d71684e793582456b30d0980924c115a7279aade4ea553574aca1926f4
- SSDEEP
  
  12288:i8hk6QUA+Wye1ch88sYnv45krL5tXyoiylj+usEA5QIjDRR8w:NhkWNJrhmYg5MbTTsum5hRN
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence