c9cbd36c23b777722ed1cdd45fb19c635627656be2e4263e2013c61749801f27 | Triage

Sharing

General

Target

826cf2f6f44112a720ff3fb6266a22c0_JaffaCakes118
Size

638KB
Sample

241031-j8ky4svbrg
MD5

826cf2f6f44112a720ff3fb6266a22c0
SHA1

0447f0ad60e3da14406739a7c8ec8251a64ee613
SHA256

c9cbd36c23b777722ed1cdd45fb19c635627656be2e4263e2013c61749801f27
SHA512

7226a0b2dc298a86854e088a1ec5c07da09637aa6eaf0f0ac1b5f9c6d355f96b35b920297ae7831096f1b3e5a2847ce091af10c4eb266caf41ed62c0345dfa92
SSDEEP

12288:3AsS1eRVz2bmFfQTU2gqgXnGaVLYpeWEE1pWuke2zaexUX01q1A3Wbkb4sfLbR35:3JzVFf36knG4UHDKaeGXYq1AcG4sDlp

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  826cf2f6f44112a720ff3fb6266a22c0_JaffaCakes118
- Size
  
  638KB
- MD5
  
  826cf2f6f44112a720ff3fb6266a22c0
- SHA1
  
  0447f0ad60e3da14406739a7c8ec8251a64ee613
- SHA256
  
  c9cbd36c23b777722ed1cdd45fb19c635627656be2e4263e2013c61749801f27
- SHA512
  
  7226a0b2dc298a86854e088a1ec5c07da09637aa6eaf0f0ac1b5f9c6d355f96b35b920297ae7831096f1b3e5a2847ce091af10c4eb266caf41ed62c0345dfa92
- SSDEEP
  
  12288:3AsS1eRVz2bmFfQTU2gqgXnGaVLYpeWEE1pWuke2zaexUX01q1A3Wbkb4sfLbR35:3JzVFf36knG4UHDKaeGXYq1AcG4sDlp
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence