df92ec00486488c34b8888789ed19a15553c29adbcf7efbc589f33a8a655db70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5bc7e38c624c95322258c7c8e3a873a_JaffaCakes118
Size

264KB
Sample

240909-gegngstgkm
MD5

d5bc7e38c624c95322258c7c8e3a873a
SHA1

f6c991d7cdcaecddc0406ace54142f4b5c6b51eb
SHA256

df92ec00486488c34b8888789ed19a15553c29adbcf7efbc589f33a8a655db70
SHA512

7d5042ab114a060ee6a12a1a516cec003c4636cf0c96e46c6437b8bc23164ac9716267d316261e1adc8236bb7443e3d55eafaf4ea233d271fd4eb3d2e38e5574
SSDEEP

6144:9805ONxYxud29CDF8HTKGYmOeSr001x9p3:9T5ODOW28DkeXmpSr0eR

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d5bc7e38c624c95322258c7c8e3a873a_JaffaCakes118
- Size
  
  264KB
- MD5
  
  d5bc7e38c624c95322258c7c8e3a873a
- SHA1
  
  f6c991d7cdcaecddc0406ace54142f4b5c6b51eb
- SHA256
  
  df92ec00486488c34b8888789ed19a15553c29adbcf7efbc589f33a8a655db70
- SHA512
  
  7d5042ab114a060ee6a12a1a516cec003c4636cf0c96e46c6437b8bc23164ac9716267d316261e1adc8236bb7443e3d55eafaf4ea233d271fd4eb3d2e38e5574
- SSDEEP
  
  6144:9805ONxYxud29CDF8HTKGYmOeSr001x9p3:9T5ODOW28DkeXmpSr0eR
Score

7^/10

discovery persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2