b4055bede9119453ea21c66d5c379042ddcd9c0cb966adcaf239aec1238f24a2 | Triage

Sharing

General

Target

fc5e13508f90b1cb266a8022ff0ae3f9_JaffaCakes118
Size

151KB
Sample

240928-qehefsxdpq
MD5

fc5e13508f90b1cb266a8022ff0ae3f9
SHA1

e22af3fd7c958fe185ec8ca522050587b22dba5c
SHA256

b4055bede9119453ea21c66d5c379042ddcd9c0cb966adcaf239aec1238f24a2
SHA512

b2a52edd7d1f0f605884e8460237edd6a1449cf160a63a243decdac9c40b9072c255511306d41db22b94c7fd6f67817fdbc8f5df45acd3e41d7ec2aa1e1f9fa2
SSDEEP

3072:pIER9uWvJqRUuPhnbWX37uA6MGBG+5tQEUODZwq:pFMtR7Ptb237j6Mi3QEUODZN

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  fc5e13508f90b1cb266a8022ff0ae3f9_JaffaCakes118
- Size
  
  151KB
- MD5
  
  fc5e13508f90b1cb266a8022ff0ae3f9
- SHA1
  
  e22af3fd7c958fe185ec8ca522050587b22dba5c
- SHA256
  
  b4055bede9119453ea21c66d5c379042ddcd9c0cb966adcaf239aec1238f24a2
- SHA512
  
  b2a52edd7d1f0f605884e8460237edd6a1449cf160a63a243decdac9c40b9072c255511306d41db22b94c7fd6f67817fdbc8f5df45acd3e41d7ec2aa1e1f9fa2
- SSDEEP
  
  3072:pIER9uWvJqRUuPhnbWX37uA6MGBG+5tQEUODZwq:pFMtR7Ptb237j6Mi3QEUODZN
Score

7^/10

discovery persistence
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence