76cb77b52f32a4a538a0b6206651fa147ec69e7b1116f5bedffb5bcb08ab16e6 | Triage

Sharing

General

Target

a36005d06c3fb1ea1df2bfa946745f50_JaffaCakes118
Size

29KB
Sample

240817-vhha3swenh
MD5

a36005d06c3fb1ea1df2bfa946745f50
SHA1

4477c6b4f5d8e5ebeca615ea14024d74cac4b9e5
SHA256

76cb77b52f32a4a538a0b6206651fa147ec69e7b1116f5bedffb5bcb08ab16e6
SHA512

42bc07dc81650daf59b1460b44f9b073ae2cb6e1afcc4769f7bf8432632baf2051d7109ffb207204d2364db8c6439b3218e2e6ae20a38fb2adc0e3b2c8042cac
SSDEEP

768:8DX7HIcb3oqCEJbqAVeNI3eb41AIzYJp0KoOlmKk:8D7BbzbFU63J0p0Kfe

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a36005d06c3fb1ea1df2bfa946745f50_JaffaCakes118
- Size
  
  29KB
- MD5
  
  a36005d06c3fb1ea1df2bfa946745f50
- SHA1
  
  4477c6b4f5d8e5ebeca615ea14024d74cac4b9e5
- SHA256
  
  76cb77b52f32a4a538a0b6206651fa147ec69e7b1116f5bedffb5bcb08ab16e6
- SHA512
  
  42bc07dc81650daf59b1460b44f9b073ae2cb6e1afcc4769f7bf8432632baf2051d7109ffb207204d2364db8c6439b3218e2e6ae20a38fb2adc0e3b2c8042cac
- SSDEEP
  
  768:8DX7HIcb3oqCEJbqAVeNI3eb41AIzYJp0KoOlmKk:8D7BbzbFU63J0p0Kfe
Score

7^/10

discovery persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2