dda1e7ddf5df35adad3de496a3f2b1b2b34ac8fa9475ee1a18147191eb4d7f36 | Triage

Sharing

General

Target

edcaa7d97bf413c3cc22b34ee9529552_JaffaCakes118
Size

483KB
Sample

240920-rt7hka1dnh
MD5

edcaa7d97bf413c3cc22b34ee9529552
SHA1

2d7ab0717a0dd8c9faaae628cbcbdbc3d2403a5e
SHA256

dda1e7ddf5df35adad3de496a3f2b1b2b34ac8fa9475ee1a18147191eb4d7f36
SHA512

2dcf0bf7e1762d214afa49d4cc60f7f8da18ace47409a26fab5abc8cc75375d203833510df9bc1a33b358861beca17afb3dcf5b3bba245a2797107ecc416112a
SSDEEP

12288:Aap9RLSUwquw9My8YE9MCC+4gVjFTcbOWSI6:Au9Rrnuw9MLjC+DPyU

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  edcaa7d97bf413c3cc22b34ee9529552_JaffaCakes118
- Size
  
  483KB
- MD5
  
  edcaa7d97bf413c3cc22b34ee9529552
- SHA1
  
  2d7ab0717a0dd8c9faaae628cbcbdbc3d2403a5e
- SHA256
  
  dda1e7ddf5df35adad3de496a3f2b1b2b34ac8fa9475ee1a18147191eb4d7f36
- SHA512
  
  2dcf0bf7e1762d214afa49d4cc60f7f8da18ace47409a26fab5abc8cc75375d203833510df9bc1a33b358861beca17afb3dcf5b3bba245a2797107ecc416112a
- SSDEEP
  
  12288:Aap9RLSUwquw9My8YE9MCC+4gVjFTcbOWSI6:Au9Rrnuw9MLjC+DPyU
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence