General

  • Target

    06f4d461a4cf736b3ae617a869317bbc_JaffaCakes118

  • Size

    72KB

  • Sample

    240620-r44jnasgpb

  • MD5

    06f4d461a4cf736b3ae617a869317bbc

  • SHA1

    5c58d96c350725b46a8081c49f0074595ba52fe2

  • SHA256

    3abb2e23d70ea2e71c033893ead6843ae4679ba25bc61ada04e162bc26b45e63

  • SHA512

    3a51f2e891c5237233298a9bce17cb7dc604d5bf4d4522f2fda92b43bb811dcf76c71d98adc4fe0c1f2ee98ba6f47c79b1fb8f8570de606079fbb4856e0b046b

  • SSDEEP

    768:lWLxA7HNj410FqCJe+WSnDkgwTzctX+JWFTO2TJKnQhxO9BwH6eo+lOcl2KHAKqD:l9Nj4rLSnYlQtX+efs9qjomOlAh9Y

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov
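The extracted config identifies the payload as Metasploit shellcode wrapped by the x86/fnstenv_mov encoder. That encoder's decoder stub recovers its own address with the `fldz; fnstenv [esp-0xc]; pop` GetPC trick, then XORs the payload one dword at a time with a fixed 32-bit key. The Python below is an added example, not part of this report or of the Metasploit project: it locates the stub in a byte buffer, extracts the key and dword count, and emulates the XOR loop to recover the plaintext payload. The stub byte layout is reproduced from the editor's reading of Metasploit's `modules/encoders/x86/fnstenv_mov.rb` and should be checked against that source before it is used as a signature; the buffer scanned here is constructed, not bytes from this sample.

```python
"""Find and emulate the Metasploit x86/fnstenv_mov decoder stub (added example)."""
import re
import struct

# Decoder stub layout as the Metasploit x86/fnstenv_mov encoder emits it
# (reproduced from the editor's reading of modules/encoders/x86/fnstenv_mov.rb;
# verify against the source before using the exact bytes as a signature):
#
#   6a NN                  push byte NN         ; NN = number of dwords to decode
#   59                     pop ecx              ; loop counter
#   d9 ee                  fldz                 ; FPU op whose address fnstenv records
#   d9 74 24 f4            fnstenv [esp-0xc]    ; saved FPU IP lands at [esp]
#   5b                     pop ebx              ; ebx = address of fldz (GetPC)
#   81 73 13 KK KK KK KK   xor dword [ebx+0x13], KEY
#   83 eb fc               sub ebx, -4          ; advance to the next dword
#   e2 f4                  loop -12             ; back to the xor
STUB_RE = re.compile(
    rb"\x6a(.)\x59"                 # push byte NN; pop ecx
    rb"\xd9\xee\xd9\x74\x24\xf4"    # fldz; fnstenv [esp-0xc]
    rb"\x5b"                        # pop ebx
    rb"\x81\x73\x13(.{4})"          # xor dword [ebx+0x13], KEY (little-endian)
    rb"\x83\xeb\xfc\xe2\xf4",       # sub ebx, -4; loop
    re.DOTALL,
)
FLDZ_OFFSET = 3                    # fldz follows "push NN; pop ecx"
XOR_DISP = 0x13                    # first encoded dword is 19 bytes past fldz
STUB_LEN = FLDZ_OFFSET + XOR_DISP  # 22: encoded payload starts right after the stub


def find_stubs(buf):
    """Return (stub_offset, dword_count, key) for every stub found in buf.

    `push byte` sign-extends its operand, so a count byte of 0 or >= 0x80 would
    make the real stub loop ~4 billion times; those are reported as count None.
    """
    hits = []
    for m in STUB_RE.finditer(buf):
        count = m.group(1)[0]
        (key,) = struct.unpack("<I", m.group(2))
        hits.append((m.start(), count if 0 < count < 0x80 else None, key))
    return hits


def decode_payload(buf, stub_offset, count, key):
    """Emulate the stub's XOR loop over `count` dwords that follow the stub."""
    start = stub_offset + STUB_LEN
    enc = buf[start:start + 4 * count]
    if len(enc) != 4 * count:
        raise ValueError("buffer too short for the advertised dword count")
    return b"".join(struct.pack("<I", dw ^ key) for (dw,) in struct.iter_unpack("<I", enc))


def build_stub(payload, key):
    """Constructed test helper: wrap payload in the same stub, XOR-encoded with key."""
    if key == 0 or key >> 32:
        raise ValueError("key must be a nonzero 32-bit value")
    padded = payload + b"\x00" * (-len(payload) % 4)
    count = len(padded) // 4
    if not 0 < count < 0x80:
        raise ValueError("payload too long for the push-byte counter")
    stub = (b"\x6a" + bytes([count])
            + b"\x59\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13"
            + struct.pack("<I", key)
            + b"\x83\xeb\xfc\xe2\xf4")
    enc = b"".join(struct.pack("<I", dw ^ key) for (dw,) in struct.iter_unpack("<I", padded))
    return stub + enc


# Constructed sample buffer (not bytes from the analysed file): filler, then a
# stub wrapping a marker string, then trailing filler.
SAMPLE_PAYLOAD = b"constructed-plaintext-marker"   # 28 bytes -> 7 dwords
SAMPLE_KEY = 0x5EC0DE42
SAMPLE_BUF = b"\x90" * 16 + build_stub(SAMPLE_PAYLOAD, SAMPLE_KEY) + b"\xcc" * 8


def scan(buf=SAMPLE_BUF):
    """Find every stub and return [(offset, key, decoded_bytes_or_None)]."""
    out = []
    for off, count, key in find_stubs(buf):
        decoded = decode_payload(buf, off, count, key) if count else None
        out.append((off, key, decoded))
    return out


if __name__ == "__main__":
    for off, key, decoded in scan():
        print(f"stub at 0x{off:x} key=0x{key:08x} decoded={decoded!r}")
```

Because the stub relies on the saved FPU instruction pointer, it only works after a real FPU instruction has executed, which is why `fldz` precedes `fnstenv`; a static scanner can key on that pair, but the surrounding `push`/`pop`/`xor` bytes are what distinguish fnstenv_mov from other encoders that use the same GetPC trick.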

Targets

    • Target

      06f4d461a4cf736b3ae617a869317bbc_JaffaCakes118

    • Size

      72KB

    • MD5

      06f4d461a4cf736b3ae617a869317bbc

    • SHA1

      5c58d96c350725b46a8081c49f0074595ba52fe2

    • SHA256

      3abb2e23d70ea2e71c033893ead6843ae4679ba25bc61ada04e162bc26b45e63

    • SHA512

      3a51f2e891c5237233298a9bce17cb7dc604d5bf4d4522f2fda92b43bb811dcf76c71d98adc4fe0c1f2ee98ba6f47c79b1fb8f8570de606079fbb4856e0b046b

    • SSDEEP

      768:lWLxA7HNj410FqCJe+WSnDkgwTzctX+JWFTO2TJKnQhxO9BwH6eo+lOcl2KHAKqD:l9Nj4rLSnYlQtX+efs9qjomOlAh9Y

    Score
    8/10
    • Event Triggered Execution: Image File Execution Options Injection

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

    • Event Triggered Execution (T1546): 1 signature
      • Image File Execution Options Injection (T1546.012): 1 signature

Privilege Escalation

    • Event Triggered Execution (T1546): 1 signature
      • Image File Execution Options Injection (T1546.012): 1 signature
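The "Image File Execution Options Injection" signature in the Targets section and the T1546.012 entries in the matrix above both point at the same mechanism: a write under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\<target.exe>` that makes Windows launch an attacker-chosen program when the target is started (`Debugger`) or when it exits (`GlobalFlag` 0x200 plus `SilentProcessExit\<target.exe>\MonitorProcess`). The Python below is an added example, not part of this report: it runs that detection logic over Sysmon Event ID 13 (RegistryEvent, Value Set) records serialised as JSON lines. The event lines are constructed for the example; the report does not list the registry paths this sample actually wrote, and the field names assume a Sysmon-to-JSON export that keeps `EventID`, `Image`, `TargetObject` and `Details`.

```python
"""Flag Image File Execution Options (IFEO) abuse in Sysmon registry events (added example)."""
import json
import re

IFEO_ROOT = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
SPE_ROOT = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit"

# Matches both the native and the WOW6432Node view of the two key trees and
# splits the path into the tree, the hijacked executable, and the value name.
IFEO_RE = re.compile(
    r"^HKLM\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows NT\\CurrentVersion\\"
    r"(?P<root>Image File Execution Options|SilentProcessExit)\\"
    r"(?P<exe>[^\\]+)\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)

FLG_MONITOR_SILENT_PROCESS_EXIT = 0x200


def globalflag_has_silent_exit(details):
    """GlobalFlag carries many legitimate debugging bits; only 0x200 arms SilentProcessExit."""
    m = re.search(r"0x([0-9A-Fa-f]+)", details)
    return bool(m) and (int(m.group(1), 16) & FLG_MONITOR_SILENT_PROCESS_EXIT) != 0


def ifeo_alerts(lines):
    """Return one alert dict per IFEO/SilentProcessExit value set that enables hijacking."""
    alerts = []
    for line in lines:
        ev = json.loads(line)
        if ev.get("EventID") != 13:          # Sysmon RegistryEvent (Value Set)
            continue
        m = IFEO_RE.match(ev.get("TargetObject", ""))
        if not m:
            continue
        value = m.group("value").lower()
        details = ev.get("Details", "")
        if value in ("debugger", "monitorprocess"):
            reason = f"{m.group('value')} set to {details}"
        elif value == "globalflag" and globalflag_has_silent_exit(details):
            reason = "GlobalFlag enables FLG_MONITOR_SILENT_PROCESS_EXIT (0x200)"
        else:
            continue                          # e.g. DisableExceptionChainValidation
        alerts.append({
            "target_exe": m.group("exe"),
            "key": m.group("root"),
            "writer": ev.get("Image"),
            "reason": reason,
        })
    return alerts


# Constructed Sysmon events (not from the analysed sample), built as dicts and
# serialised so the backslash-heavy paths need no manual JSON escaping.
SAMPLE_EVENTS = [json.dumps(e) for e in [
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
     "TargetObject": IFEO_ROOT + r"\sethc.exe\Debugger",
     "Details": r"C:\Windows\System32\cmd.exe"},
    {"EventID": 13, "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": IFEO_ROOT + r"\notepad.exe\DisableExceptionChainValidation",
     "Details": "DWORD (0x00000000)"},
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
     "TargetObject": IFEO_ROOT + r"\taskmgr.exe\GlobalFlag",
     "Details": "DWORD (0x00000200)"},
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
     "TargetObject": SPE_ROOT + r"\taskmgr.exe\MonitorProcess",
     "Details": r"C:\ProgramData\updater.exe"},
    {"EventID": 1, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c whoami"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneDrive",
     "Details": r"C:\Users\victim\AppData\Local\Microsoft\OneDrive\OneDrive.exe"},
]]


if __name__ == "__main__":
    for a in ifeo_alerts(SAMPLE_EVENTS):
        print(f"{a['target_exe']:<14} {a['key']:<32} by {a['writer']}: {a['reason']}")
```

The `writer` field is what separates a sandbox verdict from an incident: a Debugger value written by `msiexec.exe` during a vendor install is routine, the same value written by a binary running out of `%TEMP%` is the persistence this report scores.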
