c7f15685ccc4cf8354cf4f1590d7577f4bbf8781a3494ca5c6d982fa5cf7e073 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dd29d6a10609b2f55c038fd50132ce3_JaffaCakes118
Size

142KB
Sample

240712-r8pw3aybnp
MD5

3dd29d6a10609b2f55c038fd50132ce3
SHA1

8c7323c52edfea158713c08d70b1c85020f5e776
SHA256

c7f15685ccc4cf8354cf4f1590d7577f4bbf8781a3494ca5c6d982fa5cf7e073
SHA512

2ec3f3643e3ba84d504ec31fdde15619e46035e075303c978c815603e5057b35a895cf4a772418b66c2949af8ab177f6251d0f42bc89f1d2fd4de27afbc319f7
SSDEEP

3072:nPC+w9KM+lbMnqYgQnVu+VZkFC8f1ViHbfH7AXhZNm0h+Md1/lkzL+:a4lbe5xkl1V88xnNkzL

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3dd29d6a10609b2f55c038fd50132ce3_JaffaCakes118
- Size
  
  142KB
- MD5
  
  3dd29d6a10609b2f55c038fd50132ce3
- SHA1
  
  8c7323c52edfea158713c08d70b1c85020f5e776
- SHA256
  
  c7f15685ccc4cf8354cf4f1590d7577f4bbf8781a3494ca5c6d982fa5cf7e073
- SHA512
  
  2ec3f3643e3ba84d504ec31fdde15619e46035e075303c978c815603e5057b35a895cf4a772418b66c2949af8ab177f6251d0f42bc89f1d2fd4de27afbc319f7
- SSDEEP
  
  3072:nPC+w9KM+lbMnqYgQnVu+VZkFC8f1ViHbfH7AXhZNm0h+Md1/lkzL+:a4lbe5xkl1V88xnNkzL
Score

7^/10

persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2