3ca2a3a42459cd3690e17983870f06c6d7f7a3723f90016a3dc9c8e2f943630d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd9d383877333890f869008754cf618e_JaffaCakes118
Size

46KB
Sample

240929-cvcx1sygne
MD5

fd9d383877333890f869008754cf618e
SHA1

bd471dd470de6770887ab19965812ac078637083
SHA256

3ca2a3a42459cd3690e17983870f06c6d7f7a3723f90016a3dc9c8e2f943630d
SHA512

2eb031c246e0b5aa3c82a3205b7a14e0ec60fac33aa58df9cac1739923b0559c927497468501c3273cfe1b9c948ac7208661dd23703aedd1e0e2db7548f7ba54
SSDEEP

768:sb1BbHJYUf0SgMXRdLH0SsKSjQg1m11G9W/kYIB+kXWkduMsE7xPEpG0FwZejKq2:szbHJYU8VKzgkOmfIhDWpGFZemeHni

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fd9d383877333890f869008754cf618e_JaffaCakes118
- Size
  
  46KB
- MD5
  
  fd9d383877333890f869008754cf618e
- SHA1
  
  bd471dd470de6770887ab19965812ac078637083
- SHA256
  
  3ca2a3a42459cd3690e17983870f06c6d7f7a3723f90016a3dc9c8e2f943630d
- SHA512
  
  2eb031c246e0b5aa3c82a3205b7a14e0ec60fac33aa58df9cac1739923b0559c927497468501c3273cfe1b9c948ac7208661dd23703aedd1e0e2db7548f7ba54
- SSDEEP
  
  768:sb1BbHJYUf0SgMXRdLH0SsKSjQg1m11G9W/kYIB+kXWkduMsE7xPEpG0FwZejKq2:szbHJYU8VKzgkOmfIhDWpGFZemeHni
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence