fbc179065a29ba79e2ab3df29f2f7e0adb38160c2f12208213f8b83a47b9a85b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d89d2620ba28e214bd14c1378aef864_JaffaCakes118
Size

62KB
Sample

241009-jp4bcazfpc
MD5

2d89d2620ba28e214bd14c1378aef864
SHA1

6593c1c754dde59cdb24434950bc3fb7c011f6b0
SHA256

fbc179065a29ba79e2ab3df29f2f7e0adb38160c2f12208213f8b83a47b9a85b
SHA512

1adfa907ca59e1a91a07ca2ceb7f554b2a94c9a0795512d0068f6d7eed251fffe62b5207b74c1871596e43db1582394906292566687db68ff23aa260823ddf27
SSDEEP

768:DYuPQQ8892kJuHSRGxNK+NxTvo3ucoEQAN3LwkkLj+EH+noGo1CR5Wqwq6wq+qUX:DjYT892ksHSkxNfx61N3mSEH+nmwm

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2d89d2620ba28e214bd14c1378aef864_JaffaCakes118
- Size
  
  62KB
- MD5
  
  2d89d2620ba28e214bd14c1378aef864
- SHA1
  
  6593c1c754dde59cdb24434950bc3fb7c011f6b0
- SHA256
  
  fbc179065a29ba79e2ab3df29f2f7e0adb38160c2f12208213f8b83a47b9a85b
- SHA512
  
  1adfa907ca59e1a91a07ca2ceb7f554b2a94c9a0795512d0068f6d7eed251fffe62b5207b74c1871596e43db1582394906292566687db68ff23aa260823ddf27
- SSDEEP
  
  768:DYuPQQ8892kJuHSRGxNK+NxTvo3ucoEQAN3LwkkLj+EH+noGo1CR5Wqwq6wq+qUX:DjYT892ksHSkxNfx61N3mSEH+nmwm
Score

7^/10

persistence discovery
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2