b0d66ec3fc90433d7cf3d220145573b6d2f5222a6fa6c86df879bb9cf5523a4b | Triage

Sharing

General

Target

17e6591d1c4f909dcb60b29ee4bef2e6_JaffaCakes118
Size

584KB
Sample

240627-28414azenj
MD5

17e6591d1c4f909dcb60b29ee4bef2e6
SHA1

acbac458911faf6922b2a0a0a68d3941d1076687
SHA256

b0d66ec3fc90433d7cf3d220145573b6d2f5222a6fa6c86df879bb9cf5523a4b
SHA512

0c6428703656e794028f2f48215795a5aca5ab3adc30645b502dae518b5253220126e8c3b163cdcd8c2b1713c03a4671fb299f6e89f4be85ccc7da83e2cf0ba8
SSDEEP

12288:7hm6OFtBbaxN/cGVJsNkas85tPRCBFea41OPob9ZiM0jfy0tL:7UvPBbaptP

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  17e6591d1c4f909dcb60b29ee4bef2e6_JaffaCakes118
- Size
  
  584KB
- MD5
  
  17e6591d1c4f909dcb60b29ee4bef2e6
- SHA1
  
  acbac458911faf6922b2a0a0a68d3941d1076687
- SHA256
  
  b0d66ec3fc90433d7cf3d220145573b6d2f5222a6fa6c86df879bb9cf5523a4b
- SHA512
  
  0c6428703656e794028f2f48215795a5aca5ab3adc30645b502dae518b5253220126e8c3b163cdcd8c2b1713c03a4671fb299f6e89f4be85ccc7da83e2cf0ba8
- SSDEEP
  
  12288:7hm6OFtBbaxN/cGVJsNkas85tPRCBFea41OPob9ZiM0jfy0tL:7UvPBbaptP
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2