b0b60a1cb970022aa9315a91784ed678282127ec9c9a11b85a96b8b1487a50fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dd8f3bb1a9f171033fe6735e4dbb5cb_JaffaCakes118
Size

87KB
Sample

241009-kaak6asena
MD5

2dd8f3bb1a9f171033fe6735e4dbb5cb
SHA1

72af89b7a669bb62e6ec326664f3a091fcc2d683
SHA256

b0b60a1cb970022aa9315a91784ed678282127ec9c9a11b85a96b8b1487a50fc
SHA512

7ab19d6a19a6c533d1c4f2f7b45e43c02f868a110c4294b2c387440fe68add0162795aaa396deebf5787c90a72250cab31a824082f05ee1b34c11fb06a8cdff6
SSDEEP

1536:EizQjrrQ3hz9LH5i8wUkMP6girYduKjGyP5EcfU:EcQTA5OrMjGyP5E7

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2dd8f3bb1a9f171033fe6735e4dbb5cb_JaffaCakes118
- Size
  
  87KB
- MD5
  
  2dd8f3bb1a9f171033fe6735e4dbb5cb
- SHA1
  
  72af89b7a669bb62e6ec326664f3a091fcc2d683
- SHA256
  
  b0b60a1cb970022aa9315a91784ed678282127ec9c9a11b85a96b8b1487a50fc
- SHA512
  
  7ab19d6a19a6c533d1c4f2f7b45e43c02f868a110c4294b2c387440fe68add0162795aaa396deebf5787c90a72250cab31a824082f05ee1b34c11fb06a8cdff6
- SSDEEP
  
  1536:EizQjrrQ3hz9LH5i8wUkMP6girYduKjGyP5EcfU:EcQTA5OrMjGyP5E7
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence