5dabf9112d0a1cc813fc0133b395a0442eb4fd77c5abb2ecd26c934482dcac78 | Triage

Sharing

General

Target

826d899eec8051054cf32a93575de21b_JaffaCakes118
Size

350KB
Sample

241031-j8yj7ssqcx
MD5

826d899eec8051054cf32a93575de21b
SHA1

5b1b5db00074bdb34d12be63792fbdec0dcbbb75
SHA256

5dabf9112d0a1cc813fc0133b395a0442eb4fd77c5abb2ecd26c934482dcac78
SHA512

a00be0b36bd6b99985909eac71fc04a0f18a059ba3dd82882151f2f9ba6694e238c7d79c54fa9b52b1901c10956445aa590103cf705aea81974b431a49ef64a1
SSDEEP

6144:mUAMdhVeXS1ib79Kf2ko25/IjU3ZB34vQTYFHUmTP50UwcdXeKiCMJuvc4HRQ:mUBhVaSnoYuU3334vMY1PTP5RFxFcORQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  826d899eec8051054cf32a93575de21b_JaffaCakes118
- Size
  
  350KB
- MD5
  
  826d899eec8051054cf32a93575de21b
- SHA1
  
  5b1b5db00074bdb34d12be63792fbdec0dcbbb75
- SHA256
  
  5dabf9112d0a1cc813fc0133b395a0442eb4fd77c5abb2ecd26c934482dcac78
- SHA512
  
  a00be0b36bd6b99985909eac71fc04a0f18a059ba3dd82882151f2f9ba6694e238c7d79c54fa9b52b1901c10956445aa590103cf705aea81974b431a49ef64a1
- SSDEEP
  
  6144:mUAMdhVeXS1ib79Kf2ko25/IjU3ZB34vQTYFHUmTP50UwcdXeKiCMJuvc4HRQ:mUBhVaSnoYuU3334vMY1PTP5RFxFcORQ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence