730fe34d6907bb2f2247b250292f3e9bb91de3eb6a68892f8f65cef98dc120dc | Triage

Sharing

General

Target

4037d55ccc8cf3a94592d2b72bfbd799_JaffaCakes118
Size

396KB
Sample

241013-q6hjjazcmh
MD5

4037d55ccc8cf3a94592d2b72bfbd799
SHA1

06a173236650a2ecc14e49c509f20b54e1928518
SHA256

730fe34d6907bb2f2247b250292f3e9bb91de3eb6a68892f8f65cef98dc120dc
SHA512

889d5a561c5668de7631c49fa85fd38216e56e0cb1d1629c6ef81142400fff50323fbbe5f179938d2cbc5ee796db0f209686833fafa6f9775cf38d4d263c1df5
SSDEEP

12288:eyHi0orWdWbihdpWH8sxCrkh7uvMB2IhyZ:unpbh0QZaMgI8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4037d55ccc8cf3a94592d2b72bfbd799_JaffaCakes118
- Size
  
  396KB
- MD5
  
  4037d55ccc8cf3a94592d2b72bfbd799
- SHA1
  
  06a173236650a2ecc14e49c509f20b54e1928518
- SHA256
  
  730fe34d6907bb2f2247b250292f3e9bb91de3eb6a68892f8f65cef98dc120dc
- SHA512
  
  889d5a561c5668de7631c49fa85fd38216e56e0cb1d1629c6ef81142400fff50323fbbe5f179938d2cbc5ee796db0f209686833fafa6f9775cf38d4d263c1df5
- SSDEEP
  
  12288:eyHi0orWdWbihdpWH8sxCrkh7uvMB2IhyZ:unpbh0QZaMgI8
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2