750171f268afcbc36f04e99434deaa264a3cb15a53312e29bbc2bc49cb3d9ae9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c391749261a534c20a08f4c15398d07_JaffaCakes118
Size

77KB
Sample

241009-gv3wnawhpq
MD5

2c391749261a534c20a08f4c15398d07
SHA1

078d6a5dd80b90b8e88fea1464e8a4c0c090d725
SHA256

750171f268afcbc36f04e99434deaa264a3cb15a53312e29bbc2bc49cb3d9ae9
SHA512

2aee1a700d20bbc342429fa78f14959e093c4f193a2cf6895e6710c62270da3d29a6d6d3b3f3280815a115281092d22436d30be573f872edb406bb5dad94704f
SSDEEP

1536:o3zdHimQIknM2WHiTTVatTnMMfF/Gh+NR:o3zdHiXVnM2W4JatYMfYhER

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2c391749261a534c20a08f4c15398d07_JaffaCakes118
- Size
  
  77KB
- MD5
  
  2c391749261a534c20a08f4c15398d07
- SHA1
  
  078d6a5dd80b90b8e88fea1464e8a4c0c090d725
- SHA256
  
  750171f268afcbc36f04e99434deaa264a3cb15a53312e29bbc2bc49cb3d9ae9
- SHA512
  
  2aee1a700d20bbc342429fa78f14959e093c4f193a2cf6895e6710c62270da3d29a6d6d3b3f3280815a115281092d22436d30be573f872edb406bb5dad94704f
- SSDEEP
  
  1536:o3zdHimQIknM2WHiTTVatTnMMfF/Gh+NR:o3zdHiXVnM2W4JatYMfYhER
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence