c2a7529594c8683532001274cff34b0c32b29561c8894500cd435df089fe2056 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a3f2620202c2afb7b7cc958875d6847_JaffaCakes118
Size

29KB
Sample

240711-wy336aycnq
MD5

3a3f2620202c2afb7b7cc958875d6847
SHA1

200160b26d84eb23efc9ba775879696ce404aa7e
SHA256

c2a7529594c8683532001274cff34b0c32b29561c8894500cd435df089fe2056
SHA512

11e479176554598bdb929e5a2ace797879a93b7747a2779d8c11b86b9ccf26a36e43346cf7c618c04ce19592b5df28bce0d09f31a9c57804827b8b798bb09247
SSDEEP

768:QSn9xLuTOobSVDQl8s65OGQMhys5o5eq2V44n/k:Qy9UTOsSVElE5O1MhD5zq2v8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3a3f2620202c2afb7b7cc958875d6847_JaffaCakes118
- Size
  
  29KB
- MD5
  
  3a3f2620202c2afb7b7cc958875d6847
- SHA1
  
  200160b26d84eb23efc9ba775879696ce404aa7e
- SHA256
  
  c2a7529594c8683532001274cff34b0c32b29561c8894500cd435df089fe2056
- SHA512
  
  11e479176554598bdb929e5a2ace797879a93b7747a2779d8c11b86b9ccf26a36e43346cf7c618c04ce19592b5df28bce0d09f31a9c57804827b8b798bb09247
- SSDEEP
  
  768:QSn9xLuTOobSVDQl8s65OGQMhys5o5eq2V44n/k:Qy9UTOsSVElE5O1MhD5zq2v8
Score

7^/10

persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2