2ccafab0a3c92790e38c774a91323277f36bd3b3725323406c871399e3cecb6d | Triage

Sharing

General

Target

00c8ff32d9cb8f064e04cd4120e253e0_JaffaCakes118
Size

398KB
Sample

240930-l5zzzayhlj
MD5

00c8ff32d9cb8f064e04cd4120e253e0
SHA1

386a40951c47142d1498c15bf3196d174233d4d6
SHA256

2ccafab0a3c92790e38c774a91323277f36bd3b3725323406c871399e3cecb6d
SHA512

3e643f28c3e260e031ef680dd5de7012230dc4e0357695f334a0ee287a345a4f661592fffbf381233c492e5381f6f97a195821460f5ca7ac4ce509e668e0316c
SSDEEP

12288:51bDylWeZQ+CkfEJXE/UeWdo9Wct2LiWH:51bSN7kxoFt2GWH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  00c8ff32d9cb8f064e04cd4120e253e0_JaffaCakes118
- Size
  
  398KB
- MD5
  
  00c8ff32d9cb8f064e04cd4120e253e0
- SHA1
  
  386a40951c47142d1498c15bf3196d174233d4d6
- SHA256
  
  2ccafab0a3c92790e38c774a91323277f36bd3b3725323406c871399e3cecb6d
- SHA512
  
  3e643f28c3e260e031ef680dd5de7012230dc4e0357695f334a0ee287a345a4f661592fffbf381233c492e5381f6f97a195821460f5ca7ac4ce509e668e0316c
- SSDEEP
  
  12288:51bDylWeZQ+CkfEJXE/UeWdo9Wct2LiWH:51bSN7kxoFt2GWH
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence