aad2863b1ecfd23dcff107c6b18e795409e104d9432afb16e5406a8592d088e7 | Triage

Sharing

General

Target

183d479729ec12b5392f38e43d21a225_JaffaCakes118
Size

260KB
Sample

241006-qg66lazenf
MD5

183d479729ec12b5392f38e43d21a225
SHA1

81d1f949e4325786304291f609de4ab5517f1bef
SHA256

aad2863b1ecfd23dcff107c6b18e795409e104d9432afb16e5406a8592d088e7
SHA512

b3cc1c93393bc03a7fe5657a78630447fc1944607290b2ad9a5250e7e8a55d51aa85086e355fa8c54368fd5f2b3d39d1600f93b1ac40b920871a000578d22910
SSDEEP

3072:9L7ZBKU0lY6AteRxRHYyLf4PnVRZSwdz:zI/lY6AIRx5ZbcH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  183d479729ec12b5392f38e43d21a225_JaffaCakes118
- Size
  
  260KB
- MD5
  
  183d479729ec12b5392f38e43d21a225
- SHA1
  
  81d1f949e4325786304291f609de4ab5517f1bef
- SHA256
  
  aad2863b1ecfd23dcff107c6b18e795409e104d9432afb16e5406a8592d088e7
- SHA512
  
  b3cc1c93393bc03a7fe5657a78630447fc1944607290b2ad9a5250e7e8a55d51aa85086e355fa8c54368fd5f2b3d39d1600f93b1ac40b920871a000578d22910
- SSDEEP
  
  3072:9L7ZBKU0lY6AteRxRHYyLf4PnVRZSwdz:zI/lY6AIRx5ZbcH
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence