cf353fff144a1bf7b5e7caa1277ce129b9a2ece6217614a4ffa56ef00c94862c | Triage

Sharing

General

Target

ef2226fd41deb80c85fe8de35fb7aa15_JaffaCakes118
Size

834KB
Sample

240921-fx9ljswhkk
MD5

ef2226fd41deb80c85fe8de35fb7aa15
SHA1

c605f6bf6aa26977abff25a88a4ef87dbf42c585
SHA256

cf353fff144a1bf7b5e7caa1277ce129b9a2ece6217614a4ffa56ef00c94862c
SHA512

abb863edfdc24a5d0eca7d1ed42fca2c78c678de4679368926840908b0d0bb8618ec8601085e8b67629dfbd309df49ebd2ba1ed8821df681284f2fb3d3933e15
SSDEEP

24576:J+4iTINOs9P7Nw+KjVbAITjWIONyjAYZPhI:riTIV9P7NYVXS1YW

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ef2226fd41deb80c85fe8de35fb7aa15_JaffaCakes118
- Size
  
  834KB
- MD5
  
  ef2226fd41deb80c85fe8de35fb7aa15
- SHA1
  
  c605f6bf6aa26977abff25a88a4ef87dbf42c585
- SHA256
  
  cf353fff144a1bf7b5e7caa1277ce129b9a2ece6217614a4ffa56ef00c94862c
- SHA512
  
  abb863edfdc24a5d0eca7d1ed42fca2c78c678de4679368926840908b0d0bb8618ec8601085e8b67629dfbd309df49ebd2ba1ed8821df681284f2fb3d3933e15
- SSDEEP
  
  24576:J+4iTINOs9P7Nw+KjVbAITjWIONyjAYZPhI:riTIV9P7NYVXS1YW
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence