348fc36661a40d9a1e57b2f8d340d24c496634c7a35a4f704778231dd6f12e4c | Triage

Sharing

General

Target

ee0e4ea73bb1db835b27ae6abfc8b807_JaffaCakes118
Size

17KB
Sample

240920-vpyxeaxhln
MD5

ee0e4ea73bb1db835b27ae6abfc8b807
SHA1

5b433880bcce27bf7736b202cab0270049136f25
SHA256

348fc36661a40d9a1e57b2f8d340d24c496634c7a35a4f704778231dd6f12e4c
SHA512

1baa9f9bd246f35c66fd7920019082750f710611bc62fbf7c22c8254bde48f79cb42d5493f4c43269f5be150b3de860976406f3955c0e3b4488e3dcdcdbb0e14
SSDEEP

384:rZbbzpLuaUNuIKACbE06Q+l9AU9jyCPt6DUi+wiU9/+CBKerCRYSsPNzHzanIW9i:NnzpLurMA106Qi/jrPt+Nn3eYflLzrSi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee0e4ea73bb1db835b27ae6abfc8b807_JaffaCakes118
- Size
  
  17KB
- MD5
  
  ee0e4ea73bb1db835b27ae6abfc8b807
- SHA1
  
  5b433880bcce27bf7736b202cab0270049136f25
- SHA256
  
  348fc36661a40d9a1e57b2f8d340d24c496634c7a35a4f704778231dd6f12e4c
- SHA512
  
  1baa9f9bd246f35c66fd7920019082750f710611bc62fbf7c22c8254bde48f79cb42d5493f4c43269f5be150b3de860976406f3955c0e3b4488e3dcdcdbb0e14
- SSDEEP
  
  384:rZbbzpLuaUNuIKACbE06Q+l9AU9jyCPt6DUi+wiU9/+CBKerCRYSsPNzHzanIW9i:NnzpLurMA106Qi/jrPt+Nn3eYflLzrSi
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2