77fed0d6b27fbd2f7f399204f753cff379cea34acc0054d6ff4ed70e88b39cb7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f07130c120d7a48fa30392fe36d4facf_JaffaCakes118
Size

505KB
Sample

240921-xkxvnaxgkb
MD5

f07130c120d7a48fa30392fe36d4facf
SHA1

7f4ae190d0911d28927d21254a988ee33e95ff5f
SHA256

77fed0d6b27fbd2f7f399204f753cff379cea34acc0054d6ff4ed70e88b39cb7
SHA512

1fba178a8b8d71b0559c139e23b3f0b07180389626d7e1341d01b35e577badf9d304ac21e55507e473a1f94ddb5843cdbed700a59c461b58fd414354fe8cb7ca
SSDEEP

12288:859c0crpC9Mbyz1IijUKnElTrTNlPldYXH:kJcr89YGFUWElTN56

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f07130c120d7a48fa30392fe36d4facf_JaffaCakes118
- Size
  
  505KB
- MD5
  
  f07130c120d7a48fa30392fe36d4facf
- SHA1
  
  7f4ae190d0911d28927d21254a988ee33e95ff5f
- SHA256
  
  77fed0d6b27fbd2f7f399204f753cff379cea34acc0054d6ff4ed70e88b39cb7
- SHA512
  
  1fba178a8b8d71b0559c139e23b3f0b07180389626d7e1341d01b35e577badf9d304ac21e55507e473a1f94ddb5843cdbed700a59c461b58fd414354fe8cb7ca
- SSDEEP
  
  12288:859c0crpC9Mbyz1IijUKnElTrTNlPldYXH:kJcr89YGFUWElTN56
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence