88a46cef081716a098196d7fca3a379ae35a1e80c8c79b23aceb287cecb1c8f2 | Triage

Sharing

General

Target

b52ea8a406ba5f8e5cd64ce2ca2c644b_JaffaCakes118
Size

126KB
Sample

240821-1qmhnasdqg
MD5

b52ea8a406ba5f8e5cd64ce2ca2c644b
SHA1

74cee93ccbda2ae1e3698bab762fc62d3bd27bff
SHA256

88a46cef081716a098196d7fca3a379ae35a1e80c8c79b23aceb287cecb1c8f2
SHA512

6f3c1b8289e300b2c77cc1e8fe1edbf0ded9e07b38fdcfa8c34f9c6d90f2b92bf8cd805afd3659fd72d3d43858c09857e19be8e16c1315fe03c22c43f9d9d876
SSDEEP

3072:5y7bs3Qn0n6vXu4BrpmD+d5XwY/baIxxj9QWAa7E:5y7OQnA6/rJd5LzaIX9CO

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b52ea8a406ba5f8e5cd64ce2ca2c644b_JaffaCakes118
- Size
  
  126KB
- MD5
  
  b52ea8a406ba5f8e5cd64ce2ca2c644b
- SHA1
  
  74cee93ccbda2ae1e3698bab762fc62d3bd27bff
- SHA256
  
  88a46cef081716a098196d7fca3a379ae35a1e80c8c79b23aceb287cecb1c8f2
- SHA512
  
  6f3c1b8289e300b2c77cc1e8fe1edbf0ded9e07b38fdcfa8c34f9c6d90f2b92bf8cd805afd3659fd72d3d43858c09857e19be8e16c1315fe03c22c43f9d9d876
- SSDEEP
  
  3072:5y7bs3Qn0n6vXu4BrpmD+d5XwY/baIxxj9QWAa7E:5y7OQnA6/rJd5LzaIX9CO
Score

7^/10

discovery persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2