cdfb50e4461f165cb458278727378d6b87bf43268377cb2d3618ee0ea2fc093e | Triage

Sharing

General

Target

ecfc5683afba6e30633111fde4a4ffcf_JaffaCakes118
Size

61KB
Sample

240920-gt3jhasbkg
MD5

ecfc5683afba6e30633111fde4a4ffcf
SHA1

91301f9ba69ed22fc9528d7082587d8cfa57a0e1
SHA256

cdfb50e4461f165cb458278727378d6b87bf43268377cb2d3618ee0ea2fc093e
SHA512

c66290909c15a59d8b6362876608f340909bdbe25a595f1e135e234c7e57ed0b0454872d6384c0a1ec1eaabd1d2109511d5f4ee05fad7e2f2733412b40658eb6
SSDEEP

768:56xDxxIZ+KzFGoLeGgy1scxGD1WRdDsTOxJgw+9SA+ShNwGSMiDPMGdzJ9IrStHV:52bKhN314WfUOxJgwFAXVIorz7M

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ecfc5683afba6e30633111fde4a4ffcf_JaffaCakes118
- Size
  
  61KB
- MD5
  
  ecfc5683afba6e30633111fde4a4ffcf
- SHA1
  
  91301f9ba69ed22fc9528d7082587d8cfa57a0e1
- SHA256
  
  cdfb50e4461f165cb458278727378d6b87bf43268377cb2d3618ee0ea2fc093e
- SHA512
  
  c66290909c15a59d8b6362876608f340909bdbe25a595f1e135e234c7e57ed0b0454872d6384c0a1ec1eaabd1d2109511d5f4ee05fad7e2f2733412b40658eb6
- SSDEEP
  
  768:56xDxxIZ+KzFGoLeGgy1scxGD1WRdDsTOxJgw+9SA+ShNwGSMiDPMGdzJ9IrStHV:52bKhN314WfUOxJgwFAXVIorz7M
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence