d6ef20e73b9971f6c18201d0e162a26e6bde7f71c22ac346a9ba1d8996c208d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38e199cbd173cefc74dbdffa7d68e7ca_JaffaCakes118
Size

58KB
Sample

241012-hkeazstalp
MD5

38e199cbd173cefc74dbdffa7d68e7ca
SHA1

10b6c3fac717ef062c942baba127f4b0e1a99143
SHA256

d6ef20e73b9971f6c18201d0e162a26e6bde7f71c22ac346a9ba1d8996c208d3
SHA512

68f6010e617560f56642203a53affef88e22b1a9b3eb96b6a6d359eb054ae4459bb5e5ae9af434859fe4be8249c6a7abfedde9e3d9a19dab15bc68c7f740ffd2
SSDEEP

1536:tNq9L3QQFDnUclh1lY6TQJMnbIoXyGDmhQmXREiQZsx:YzJLldEuiSmhQmeiQZsx

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  38e199cbd173cefc74dbdffa7d68e7ca_JaffaCakes118
- Size
  
  58KB
- MD5
  
  38e199cbd173cefc74dbdffa7d68e7ca
- SHA1
  
  10b6c3fac717ef062c942baba127f4b0e1a99143
- SHA256
  
  d6ef20e73b9971f6c18201d0e162a26e6bde7f71c22ac346a9ba1d8996c208d3
- SHA512
  
  68f6010e617560f56642203a53affef88e22b1a9b3eb96b6a6d359eb054ae4459bb5e5ae9af434859fe4be8249c6a7abfedde9e3d9a19dab15bc68c7f740ffd2
- SSDEEP
  
  1536:tNq9L3QQFDnUclh1lY6TQJMnbIoXyGDmhQmXREiQZsx:YzJLldEuiSmhQmeiQZsx
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2