Overview

overview

7

Static

static

3

86166e34b5...18.exe

windows7-x64

7

86166e34b5...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    86166e34b556f20265b88c144152b94a_JaffaCakes118

  • Size

    80KB

  • Sample

    240810-pwn3wszbrm

  • MD5

    86166e34b556f20265b88c144152b94a

  • SHA1

    621976037eb4db0b7324f95550947ca80a318163

  • SHA256

    ad5b8a848bcf13ced28fc596d10c5a4806166e44088ab0cb6730ab048f477001

  • SHA512

    f998321c44b7b4590da1b9aee337bb4740fac6a2d4e9546789b43a92b59e4fc42066fb05dfd2d0693ed458f778e51c58eeec7792eda2bef8c88ac93b06cb710d

  • SSDEEP

    1536:I0DPHv8U7V3i7wWFzWtdkQPTDER74qc5iNCfV2iRk7Lf:JDfv86Ji8gITIxk3fVA7

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      86166e34b556f20265b88c144152b94a_JaffaCakes118

    • Size

      80KB

    • MD5

      86166e34b556f20265b88c144152b94a

    • SHA1

      621976037eb4db0b7324f95550947ca80a318163

    • SHA256

      ad5b8a848bcf13ced28fc596d10c5a4806166e44088ab0cb6730ab048f477001

    • SHA512

      f998321c44b7b4590da1b9aee337bb4740fac6a2d4e9546789b43a92b59e4fc42066fb05dfd2d0693ed458f778e51c58eeec7792eda2bef8c88ac93b06cb710d

    • SSDEEP

      1536:I0DPHv8U7V3i7wWFzWtdkQPTDER74qc5iNCfV2iRk7Lf:JDfv86Ji8gITIxk3fVA7

    Score
    7/10
    persistencediscovery

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks