57fae6482d9b4ba949d98b852129fe9abb9ede5d27c689342b011e5b1ddc09c6 | Triage

Sharing

General

Target

3c6edff35904c65fe40b78600efe3e9a_JaffaCakes118
Size

41KB
Sample

241012-2q8asszdnl
MD5

3c6edff35904c65fe40b78600efe3e9a
SHA1

e48ec07c2508983773776a5e044782c5ecc9ae9c
SHA256

57fae6482d9b4ba949d98b852129fe9abb9ede5d27c689342b011e5b1ddc09c6
SHA512

ce0bcfc795b2b60c52f89241bd68c0d46b7270cdcdfb028dae4ac354ea5f7e7f7ea7fd2b9dcc0d79c5189431d4c498a8e6c2878319a6ab7bcd39ae629d91dc07
SSDEEP

768:w+LTFU0BBvBxwLniMgt4GQAKQ+JNlYTy7+NRj9NGxB5DuX11Fv2wGaR:npU0Bn2+MgtNLKQ+JNKy7+7xgB5qX17Z

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3c6edff35904c65fe40b78600efe3e9a_JaffaCakes118
- Size
  
  41KB
- MD5
  
  3c6edff35904c65fe40b78600efe3e9a
- SHA1
  
  e48ec07c2508983773776a5e044782c5ecc9ae9c
- SHA256
  
  57fae6482d9b4ba949d98b852129fe9abb9ede5d27c689342b011e5b1ddc09c6
- SHA512
  
  ce0bcfc795b2b60c52f89241bd68c0d46b7270cdcdfb028dae4ac354ea5f7e7f7ea7fd2b9dcc0d79c5189431d4c498a8e6c2878319a6ab7bcd39ae629d91dc07
- SSDEEP
  
  768:w+LTFU0BBvBxwLniMgt4GQAKQ+JNlYTy7+NRj9NGxB5DuX11Fv2wGaR:npU0Bn2+MgtNLKQ+JNKy7+7xgB5qX17Z
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence