Overview

overview

7

Static

static

3

0f7d1fb2be...18.exe

windows7-x64

7

0f7d1fb2be...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    0f7d1fb2bee47f49077d9de0aafb23ae_JaffaCakes118

  • Size

    172KB

  • Sample

    241003-tds2catdmm

  • MD5

    0f7d1fb2bee47f49077d9de0aafb23ae

  • SHA1

    df0487cb69f47401f231d2ec740aefdc9c81669a

  • SHA256

    7289169a0c069b41b7cf1151caf4e1008ba7f396256aea790d88383253d39fd7

  • SHA512

    44d5bfa730f93da372169875fa5499f08257d18b4bd301523a44b2f436d64a4aebc13958e4c2a22bf635988ab1958545e5ca546e86b20d045d6bf69c6777b97d

  • SSDEEP

    3072:HIqEfToqwf/7ubQZqNBlrZwqlBMt4/l7BE5n1W0KJeOGYzOtL8HAP4cD5B:HIjfCf/SbQZkMqleqG5n1Y4YK6HvoT

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      0f7d1fb2bee47f49077d9de0aafb23ae_JaffaCakes118

    • Size

      172KB

    • MD5

      0f7d1fb2bee47f49077d9de0aafb23ae

    • SHA1

      df0487cb69f47401f231d2ec740aefdc9c81669a

    • SHA256

      7289169a0c069b41b7cf1151caf4e1008ba7f396256aea790d88383253d39fd7

    • SHA512

      44d5bfa730f93da372169875fa5499f08257d18b4bd301523a44b2f436d64a4aebc13958e4c2a22bf635988ab1958545e5ca546e86b20d045d6bf69c6777b97d

    • SSDEEP

      3072:HIqEfToqwf/7ubQZqNBlrZwqlBMt4/l7BE5n1W0KJeOGYzOtL8HAP4cD5B:HIjfCf/SbQZkMqleqG5n1Y4YK6HvoT

    Score
    7/10
    persistencediscovery

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks