General

  • Target

    JaffaCakes118_438db217b4fa2dca7254f32827d45f80

  • Size

    116KB

  • Sample

    250127-zl98gsvrgr

  • MD5

    438db217b4fa2dca7254f32827d45f80

  • SHA1

    9a0766c25c58e1a38a4c8251541fc2dacb921a9f

  • SHA256

    e4d774782c783ecd094cbe5c4e2026f022e1179ffd9fb598d6f053030310ea38

  • SHA512

    c6d9dcde957a6c3a9583bd603454e6a1eeb7e5e19d6f8b087dcc1fd49d580a713e47cfd9710ce99d0c84a4ba660547b0bab59608efa942cc54eb11cccc6dcecd

  • SSDEEP

    3072:vaPTfZf0BDErfZxdJ2yF0LT2dbyJbjExN/S0+gTU83E4y:vgZ3PdJ2ymLrdb0D3b

Targets

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
