General

  • Target

    b76af86a8f2407f11ecd4877274917b8_JaffaCakes118

  • Size

    115KB

  • Sample

    240822-nbxnvsteqa

  • MD5

    b76af86a8f2407f11ecd4877274917b8

  • SHA1

    ebb30849c70022d965b767a269d16d9040d926da

  • SHA256

    bdd58f4fc497bff11930ccfc74cf08ae8d2c9937b87dadc7da2e361425c65ffc

  • SHA512

    49a1cf8d6a4d646b9d593bd42101ac5c23b330ee93ea67d5c84215ebf5f959559f88c88dff2e6c2c055e8c1af54118c9700f841b561add94637b6a1f14ec1f69

  • SSDEEP

    3072:PGaK4XabO7xlI8r9iJw7AzAAn/6asu1TUybroaUKZt:BpCzAiAu14yfoFKZ

Targets

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
