General
-
Target
4338594b693ed049775aee6ec6d9fd8f_JaffaCakes118
-
Size
164KB
-
Sample
240713-y8frqayble
-
MD5
4338594b693ed049775aee6ec6d9fd8f
-
SHA1
815e6c30e1a949503f42a049c385d9db62acc014
-
SHA256
586e8e609d855d7772d30675341c1ceb08f292de8924f08924d966462e2eec25
-
SHA512
53318e957a2bf8f3834999d604126a09d611f3fc9d056c3493b9751625767ea8e3d6a8254a1636e3af39fe50429e0280041b8845cd330eb18cd908cb187238dd
-
SSDEEP
3072:fhiLiXtRhmAwjIvWIP8IbhKT6MK4tRJCUoB5y:7tXnwjYWIkIbAGMK4tXCUoL
Malware Config
Targets
-
-
Target
4338594b693ed049775aee6ec6d9fd8f_JaffaCakes118
-
Size
164KB
-
MD5
4338594b693ed049775aee6ec6d9fd8f
-
SHA1
815e6c30e1a949503f42a049c385d9db62acc014
-
SHA256
586e8e609d855d7772d30675341c1ceb08f292de8924f08924d966462e2eec25
-
SHA512
53318e957a2bf8f3834999d604126a09d611f3fc9d056c3493b9751625767ea8e3d6a8254a1636e3af39fe50429e0280041b8845cd330eb18cd908cb187238dd
-
SSDEEP
3072:fhiLiXtRhmAwjIvWIP8IbhKT6MK4tRJCUoB5y:7tXnwjYWIkIbAGMK4tXCUoL
Score7/10-
Boot or Logon Autostart Execution: Print Processors
Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
-
Drops file in System32 directory
-