d284237516b379665be6fd0697946f66d412415ee53ce0698f653d0d36b4243d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd9364298e4e449b2c0ae8c37dcc1a46_JaffaCakes118
Size

59KB
Sample

240929-cda24aybqh
MD5

fd9364298e4e449b2c0ae8c37dcc1a46
SHA1

76405b95d83638286c7295635c66aaba30668804
SHA256

d284237516b379665be6fd0697946f66d412415ee53ce0698f653d0d36b4243d
SHA512

03f230aad31c4b5df4173c8c3e2e1a5225e1b971f09e9e3f2a9b336e84352c2cf44cfaa209c35bb1163e5377f8fb3d1e7eca599d53792d9ccbc89ae231afc06d
SSDEEP

1536:5UrN9NGy6pBN7ZhtNvBUMDe/SEH+nmwm:+rTs7pBNPDvBUM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  fd9364298e4e449b2c0ae8c37dcc1a46_JaffaCakes118
- Size
  
  59KB
- MD5
  
  fd9364298e4e449b2c0ae8c37dcc1a46
- SHA1
  
  76405b95d83638286c7295635c66aaba30668804
- SHA256
  
  d284237516b379665be6fd0697946f66d412415ee53ce0698f653d0d36b4243d
- SHA512
  
  03f230aad31c4b5df4173c8c3e2e1a5225e1b971f09e9e3f2a9b336e84352c2cf44cfaa209c35bb1163e5377f8fb3d1e7eca599d53792d9ccbc89ae231afc06d
- SSDEEP
  
  1536:5UrN9NGy6pBN7ZhtNvBUMDe/SEH+nmwm:+rTs7pBNPDvBUM
Score

7^/10

persistence discovery
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2