dcf13e9602a98fcc00a0ea6ac8aa69f2971d322f7949f4ef171c8a5a85192cf9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4307e280a36edb651ed47b1fda5fa538_JaffaCakes118
Size

28KB
Sample

241014-tmm7fsxfkm
MD5

4307e280a36edb651ed47b1fda5fa538
SHA1

e9704d1f16b81da1fd158fdfb385cf94594c7895
SHA256

dcf13e9602a98fcc00a0ea6ac8aa69f2971d322f7949f4ef171c8a5a85192cf9
SHA512

af8ee9e27ccb06d21996e13157bf64139a79e1e382ccf738f6d469be11564d5925cf2a27e0d66b394517ce38500e5aa1ce66e9cea62e7edde583946f187ba831
SSDEEP

384:114ZiOxo39AGwV78VvPoqDJRHsG/UBLIFRZniPqMTmIQVano43NpirXrZEe7dZC0:11rOC8V78VvANX+nZiBQKjirXriOdb

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  4307e280a36edb651ed47b1fda5fa538_JaffaCakes118
- Size
  
  28KB
- MD5
  
  4307e280a36edb651ed47b1fda5fa538
- SHA1
  
  e9704d1f16b81da1fd158fdfb385cf94594c7895
- SHA256
  
  dcf13e9602a98fcc00a0ea6ac8aa69f2971d322f7949f4ef171c8a5a85192cf9
- SHA512
  
  af8ee9e27ccb06d21996e13157bf64139a79e1e382ccf738f6d469be11564d5925cf2a27e0d66b394517ce38500e5aa1ce66e9cea62e7edde583946f187ba831
- SSDEEP
  
  384:114ZiOxo39AGwV78VvPoqDJRHsG/UBLIFRZniPqMTmIQVano43NpirXrZEe7dZC0:11rOC8V78VvANX+nZiBQKjirXriOdb
Score

7^/10

discovery persistence
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2