General
Target: 25312f7af31cf1e0ce4502231bde17f2_JaffaCakes118
Size: 212KB
Sample: 240704-js5nks1flq
MD5: 25312f7af31cf1e0ce4502231bde17f2
SHA1: 1b1abb8c7261c77836e99316090bcae50e966909
SHA256: 52e08fa2554af7c5371ae0f1dc1e39c1df6a0bb4c4de9790721670f347ae88d6
SHA512: 3f6abd7fe1d33f8344c3d62076ad3e6a74a4cb67dc157e3173d91919196cef873cecf9d98948f531224a0f3a5054ba58b1bcba135dc1fec35033abc37bacd1b8
SSDEEP: 3072:6adeUVfekekIG2oa8W/HICkQZFRER3xpm41:6sVm8IGNY/IQZkV
Static task: static1
Behavioral task: behavioral1
Sample: 25312f7af31cf1e0ce4502231bde17f2_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 25312f7af31cf1e0ce4502231bde17f2_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 25312f7af31cf1e0ce4502231bde17f2_JaffaCakes118
Score: 7/10
Boot or Logon Autostart Execution: Print Processors
Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
Drops file in System32 directory