aae1b11addc49448422a9988bf18d4e763511bb438a1973084f4381d7a571de4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cb91c40e7c1ae25463194eab1f3878d_JaffaCakes118
Size

18KB
Sample

241002-2g1jlavbna
MD5

0cb91c40e7c1ae25463194eab1f3878d
SHA1

982e391cd6bcb76368611b64cb49faf4538a38cd
SHA256

aae1b11addc49448422a9988bf18d4e763511bb438a1973084f4381d7a571de4
SHA512

18e5245053ea4e28bb24acb0847fdc2cec0618e596f8006697e93d0029b0ef2404ce35c587aa6c2537e628ccfdf6431a63b794d1017e3f00a83e2c382917df8e
SSDEEP

384:5WGTrjxlQR5Y+w1HkOSKUay0O3VnHx1QSc97hOdMOAOBcF+0:A49iR5tROSey0g/1ZOhQmeco0

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0cb91c40e7c1ae25463194eab1f3878d_JaffaCakes118
- Size
  
  18KB
- MD5
  
  0cb91c40e7c1ae25463194eab1f3878d
- SHA1
  
  982e391cd6bcb76368611b64cb49faf4538a38cd
- SHA256
  
  aae1b11addc49448422a9988bf18d4e763511bb438a1973084f4381d7a571de4
- SHA512
  
  18e5245053ea4e28bb24acb0847fdc2cec0618e596f8006697e93d0029b0ef2404ce35c587aa6c2537e628ccfdf6431a63b794d1017e3f00a83e2c382917df8e
- SSDEEP
  
  384:5WGTrjxlQR5Y+w1HkOSKUay0O3VnHx1QSc97hOdMOAOBcF+0:A49iR5tROSey0g/1ZOhQmeco0
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2