bdce0a271d39c43221702e5b6788b0cb8d9ae3f90c4e0a860d992f05668a3d8e | Triage

Sharing

General

Target

ed6218f8bb8bdaffbac91ea4d561894d_JaffaCakes118
Size

272KB
Sample

240920-mdny3a1hnl
MD5

ed6218f8bb8bdaffbac91ea4d561894d
SHA1

b9f76539abac8dd304869774a20b383d34d175fa
SHA256

bdce0a271d39c43221702e5b6788b0cb8d9ae3f90c4e0a860d992f05668a3d8e
SHA512

1bcba4f0ae606d9baf25ccf24f203a80a5b42b5e050d68a3a95d90febac0c9e5b97d25ad0b28d773650ee18d7ec4a3aa5fab6715cb990876715c290b1b36c1bf
SSDEEP

6144:JTwRsHYPoJ3LHTYrBWnCrzAY0oyjc7xB:6yHFTYdWnCnH+sxB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ed6218f8bb8bdaffbac91ea4d561894d_JaffaCakes118
- Size
  
  272KB
- MD5
  
  ed6218f8bb8bdaffbac91ea4d561894d
- SHA1
  
  b9f76539abac8dd304869774a20b383d34d175fa
- SHA256
  
  bdce0a271d39c43221702e5b6788b0cb8d9ae3f90c4e0a860d992f05668a3d8e
- SHA512
  
  1bcba4f0ae606d9baf25ccf24f203a80a5b42b5e050d68a3a95d90febac0c9e5b97d25ad0b28d773650ee18d7ec4a3aa5fab6715cb990876715c290b1b36c1bf
- SSDEEP
  
  6144:JTwRsHYPoJ3LHTYrBWnCrzAY0oyjc7xB:6yHFTYdWnCnH+sxB
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2