f892c2e646f03a662e1057cb47793870318d8312532459fe398fc3573f7df459 | Triage

Sharing

General

Target

ef276025b9e93268c4458c3aba90c46f_JaffaCakes118
Size

34KB
Sample

240921-f8sr6sxcqm
MD5

ef276025b9e93268c4458c3aba90c46f
SHA1

cf97fbe106afe010c7428a15b3e7eadfea295bc7
SHA256

f892c2e646f03a662e1057cb47793870318d8312532459fe398fc3573f7df459
SHA512

0950892f4202076dd3ab683ea1399988f1070ab15689bb2ed03f4236e64f6258c994de683e742593e674fc7a4673cee05cc428a471ded01f424819ec97a80ee0
SSDEEP

768:gnjXG2X4oU1xyKhHOTC6ghXK/a6bk4AmAarizX0KIpJKZa:grhQx1uT7gs/GmA8tpkZa

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ef276025b9e93268c4458c3aba90c46f_JaffaCakes118
- Size
  
  34KB
- MD5
  
  ef276025b9e93268c4458c3aba90c46f
- SHA1
  
  cf97fbe106afe010c7428a15b3e7eadfea295bc7
- SHA256
  
  f892c2e646f03a662e1057cb47793870318d8312532459fe398fc3573f7df459
- SHA512
  
  0950892f4202076dd3ab683ea1399988f1070ab15689bb2ed03f4236e64f6258c994de683e742593e674fc7a4673cee05cc428a471ded01f424819ec97a80ee0
- SSDEEP
  
  768:gnjXG2X4oU1xyKhHOTC6ghXK/a6bk4AmAarizX0KIpJKZa:grhQx1uT7gs/GmA8tpkZa
Score

7^/10

discovery persistence
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence