5da1175e0bdc3bc3bf7a6ebf24a6aa695fe82b430b2d274e149ded887d3a7d70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40b0e48bec29c533a2b442025903b53e_JaffaCakes118
Size

81KB
Sample

241013-s5l7fatglg
MD5

40b0e48bec29c533a2b442025903b53e
SHA1

d72f1716a6057d8f609d6051bbd7531846497e35
SHA256

5da1175e0bdc3bc3bf7a6ebf24a6aa695fe82b430b2d274e149ded887d3a7d70
SHA512

90d615f0998b3164e09360c5474a5d6c7358be1bad8d1cdc02f191b68bfc310265680f9be72094f7d0347e392efe07c192ddb36b8a44ff4e55b5e970b5eb5e2a
SSDEEP

1536:Zs2Ndp46nqSeEl/0g4SSLXXn7Gq+j+7o1Ox6SuUh0B3leoG9gl1/p:/NXzQTXyq+b0x6Sv0B3leoGSlZp

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  movie1080p.mkv.exe
- Size
  
  144KB
- MD5
  
  5239e568aa7624d48b98fd09d1365a9d
- SHA1
  
  3b106dbb8a474c2740970144fd4dfd86c8437f78
- SHA256
  
  7b200b6407304473748a93826df9fae728119c4cd510913c147da8c121e495f0
- SHA512
  
  ef3cba74a417e2bce1630527c19a3dd25299ee044744d926796ba493b15c9cd42dd6f9cc19f5b86f7c3044474afcfab9954fb48d07faa7f8baf01dfd12e9e500
- SSDEEP
  
  3072:jeCUbVxtwT81GZJI1lvFi+onTh27wel8aRM6RBDFXT8D:6Cy8TJZJoWI7ZB/DBTG
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2