196cdb0c9e6d7968d7c9131fa49e0e98202a4c632db42b0c986a46b878a123ef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28d822fe5208c469e824a223de77f3a0_JaffaCakes118
Size

49KB
Sample

240706-t3dyqavemq
MD5

28d822fe5208c469e824a223de77f3a0
SHA1

d9011206f9285c35a1bf721b36322f3357330691
SHA256

196cdb0c9e6d7968d7c9131fa49e0e98202a4c632db42b0c986a46b878a123ef
SHA512

8fa1875b0ab4d40d86a22159a4137e980e3182f31df817b5e867c0b66f6a25c95ecc7b8c52e62d60a04c6dff47dfe18203e50ac3f81cd03b4696a2608adf2997
SSDEEP

1536:5qG0T5lJtumZgsLNp0XgDkrll3aEmkIz:/QzgQgsLNp0XZqL

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  28d822fe5208c469e824a223de77f3a0_JaffaCakes118
- Size
  
  49KB
- MD5
  
  28d822fe5208c469e824a223de77f3a0
- SHA1
  
  d9011206f9285c35a1bf721b36322f3357330691
- SHA256
  
  196cdb0c9e6d7968d7c9131fa49e0e98202a4c632db42b0c986a46b878a123ef
- SHA512
  
  8fa1875b0ab4d40d86a22159a4137e980e3182f31df817b5e867c0b66f6a25c95ecc7b8c52e62d60a04c6dff47dfe18203e50ac3f81cd03b4696a2608adf2997
- SSDEEP
  
  1536:5qG0T5lJtumZgsLNp0XgDkrll3aEmkIz:/QzgQgsLNp0XZqL
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2