d47272df4bdabddf874187a2ff0dee1cf0dfe52acb8d8500bcf7d78818d23ed2 | Triage

Sharing

General

Target

7838e57b6c4849d62f7f19b2150d9b57_JaffaCakes118
Size

25KB
Sample

240727-ppr6zazckl
MD5

7838e57b6c4849d62f7f19b2150d9b57
SHA1

62c401bef55e5a7d5b9c4a63f5dca53bce362475
SHA256

d47272df4bdabddf874187a2ff0dee1cf0dfe52acb8d8500bcf7d78818d23ed2
SHA512

2cea5be52f43595e1dda94dffe7d7583b02595f3f8e3c83918f47fbbbd21ea0825ae447035b831ed66a024e7d2db6a3674eb7f290ad60a76f0774b1361d61b75
SSDEEP

192:rlhWfiTHIf+KcepxmYG/JRp+XTcjjkUiW3FFae1oaEtTTr6mCRGqITpmBRR3D2wS:rlJTofDbGBbiW3ueWxr6m0ITp83E7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  7838e57b6c4849d62f7f19b2150d9b57_JaffaCakes118
- Size
  
  25KB
- MD5
  
  7838e57b6c4849d62f7f19b2150d9b57
- SHA1
  
  62c401bef55e5a7d5b9c4a63f5dca53bce362475
- SHA256
  
  d47272df4bdabddf874187a2ff0dee1cf0dfe52acb8d8500bcf7d78818d23ed2
- SHA512
  
  2cea5be52f43595e1dda94dffe7d7583b02595f3f8e3c83918f47fbbbd21ea0825ae447035b831ed66a024e7d2db6a3674eb7f290ad60a76f0774b1361d61b75
- SSDEEP
  
  192:rlhWfiTHIf+KcepxmYG/JRp+XTcjjkUiW3FFae1oaEtTTr6mCRGqITpmBRR3D2wS:rlJTofDbGBbiW3ueWxr6m0ITp83E7
Score

7^/10

discovery persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence