1b70e01399499b07562f2ab3e959251ef7dba337fdc1f9ea32ae7a091096ddaa | Triage

Sharing

General

Target

ece86d1af9bc8b1e40a8b9213836c9c0_JaffaCakes118
Size

701KB
Sample

240920-fxr2ha1brl
MD5

ece86d1af9bc8b1e40a8b9213836c9c0
SHA1

752e6de9f267a912771d161261a76e7c25a6f9cb
SHA256

1b70e01399499b07562f2ab3e959251ef7dba337fdc1f9ea32ae7a091096ddaa
SHA512

bf1548d162f6ab07b744bbfc6bf16d1b73c48796fafad6d2516324f05c1732e61e948d7f3ed80f79aa3a88bcd203dcf8528e963959ccc81377dbce10d6c26dce
SSDEEP

12288:vU/g01urtavBja+Z1YyoD40OxGEednMXVhipqSS6HKbtxudCY43z:vnrQvB3clZEgnmV8n4btDYmz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ece86d1af9bc8b1e40a8b9213836c9c0_JaffaCakes118
- Size
  
  701KB
- MD5
  
  ece86d1af9bc8b1e40a8b9213836c9c0
- SHA1
  
  752e6de9f267a912771d161261a76e7c25a6f9cb
- SHA256
  
  1b70e01399499b07562f2ab3e959251ef7dba337fdc1f9ea32ae7a091096ddaa
- SHA512
  
  bf1548d162f6ab07b744bbfc6bf16d1b73c48796fafad6d2516324f05c1732e61e948d7f3ed80f79aa3a88bcd203dcf8528e963959ccc81377dbce10d6c26dce
- SSDEEP
  
  12288:vU/g01urtavBja+Z1YyoD40OxGEednMXVhipqSS6HKbtxudCY43z:vnrQvB3clZEgnmV8n4btDYmz
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence