Overview

overview

7

Static

static

3

aef83f141a...18.exe

windows7-x64

7

aef83f141a...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    aef83f141a5580cda836585702f5b7c5_JaffaCakes118

  • Size

    165KB

  • Sample

    240820-m6abdasbnm

  • MD5

    aef83f141a5580cda836585702f5b7c5

  • SHA1

    29edaa1938f558c4b2a338d5ee5ed57fc21dead6

  • SHA256

    305979720f2d902ea523afb9b8a894075c1bfa9c495581ccbb4207e61cc25688

  • SHA512

    ad973ab9a7077374a6d69a19ac6fc2a18a251349b7887322beccf23543a1d4d445ea515ad5463fd2f3ed529b6d14780962419315459083903537b1dd01c49485

  • SSDEEP

    3072:mbGmB2Rgg6PEj6ZnjkVcM6KjqAmHHex4dszTLn2:YTg6PEOpHFKCHHex4dszTC

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      aef83f141a5580cda836585702f5b7c5_JaffaCakes118

    • Size

      165KB

    • MD5

      aef83f141a5580cda836585702f5b7c5

    • SHA1

      29edaa1938f558c4b2a338d5ee5ed57fc21dead6

    • SHA256

      305979720f2d902ea523afb9b8a894075c1bfa9c495581ccbb4207e61cc25688

    • SHA512

      ad973ab9a7077374a6d69a19ac6fc2a18a251349b7887322beccf23543a1d4d445ea515ad5463fd2f3ed529b6d14780962419315459083903537b1dd01c49485

    • SSDEEP

      3072:mbGmB2Rgg6PEj6ZnjkVcM6KjqAmHHex4dszTLn2:YTg6PEOpHFKCHHex4dszTC

    Score
    7/10
    persistencediscovery

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks