General

  • Target

    c07b273cc70dc2f4179137f514e8bf21_JaffaCakes118

  • Size

    161KB

  • Sample

    240825-lwr8rsxgph

  • MD5

    c07b273cc70dc2f4179137f514e8bf21

  • SHA1

    e840e79350f75fea61db197260ab6c5fb910ac29

  • SHA256

    46bdc227315bd3a80eed1e2cf75c02ec0862464db5b4fa9a2c7a53a6ffa0b2c4

  • SHA512

    b1ff8f021c13f0e3c0b29cecb0fba9f889cc7b847a2417801948509421b996bd4d2e5bb07865b2788c018e31aca3b59821fc485fea5df40444d1fc8fe9f04e3f

  • SSDEEP

    3072:iJhy2WcBshyF7m9qtSfAoSFg6LQUhc+5Yj7WcMMSaks:ijFrFC9qcfAbtrcaMSa

Malware Config

Targets

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks