1efe10abee3c1d7951af64eb6f0dc7b5162e174fb4576159595fa616814b323a | Triage

Sharing

General

Target

ee5536582f39fa9ec847bac945bb256f_JaffaCakes118
Size

401KB
Sample

240920-yt8tysvgmb
MD5

ee5536582f39fa9ec847bac945bb256f
SHA1

692aa637d096545c78ee79d27896b19b4243a6f2
SHA256

1efe10abee3c1d7951af64eb6f0dc7b5162e174fb4576159595fa616814b323a
SHA512

3ef9541a436cf0856c78c060de25b7a75eeb6af2b52e8b5d574e57b2070404a427003e29caa03ef8e163c84a4d7005529615251a36823fb2d0e57923df792efc
SSDEEP

12288:/6DwM/BP64niYyqAp7CFUEV6wGShiJrw0l:QBP64hSpWUEUwLMJcy

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee5536582f39fa9ec847bac945bb256f_JaffaCakes118
- Size
  
  401KB
- MD5
  
  ee5536582f39fa9ec847bac945bb256f
- SHA1
  
  692aa637d096545c78ee79d27896b19b4243a6f2
- SHA256
  
  1efe10abee3c1d7951af64eb6f0dc7b5162e174fb4576159595fa616814b323a
- SHA512
  
  3ef9541a436cf0856c78c060de25b7a75eeb6af2b52e8b5d574e57b2070404a427003e29caa03ef8e163c84a4d7005529615251a36823fb2d0e57923df792efc
- SSDEEP
  
  12288:/6DwM/BP64niYyqAp7CFUEV6wGShiJrw0l:QBP64hSpWUEUwLMJcy
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence