8f7662ee33125eb7c8d53eb7b358aeb6451af51cd30cefd21fe9cd31b5397725 | Triage

Sharing

General

Target

3808287657286cad978f473a3cf3917d_JaffaCakes118
Size

731KB
Sample

240711-g5jkrsvhrg
MD5

3808287657286cad978f473a3cf3917d
SHA1

687016c36a133189a598c2768cc98b2cd6e79b10
SHA256

8f7662ee33125eb7c8d53eb7b358aeb6451af51cd30cefd21fe9cd31b5397725
SHA512

aba448bdca1a63729ff4e5cafe1eee9a0f486d7928b3a6e1f19fcf9c7e1f0382019eee2968e8200fe42bf01c986c9d1bf458458e107afd39e907aeca2aea188a
SSDEEP

12288:Jaingtd/9iCpVEZxzraxdUdpmsFmjnDgGeIttwoPR5pWZhAIRXHYnrmm:JaigD/ArravUdsswnlFttwYQRXHYrmm

Score

8^/10

evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  3808287657286cad978f473a3cf3917d_JaffaCakes118
- Size
  
  731KB
- MD5
  
  3808287657286cad978f473a3cf3917d
- SHA1
  
  687016c36a133189a598c2768cc98b2cd6e79b10
- SHA256
  
  8f7662ee33125eb7c8d53eb7b358aeb6451af51cd30cefd21fe9cd31b5397725
- SHA512
  
  aba448bdca1a63729ff4e5cafe1eee9a0f486d7928b3a6e1f19fcf9c7e1f0382019eee2968e8200fe42bf01c986c9d1bf458458e107afd39e907aeca2aea188a
- SSDEEP
  
  12288:Jaingtd/9iCpVEZxzraxdUdpmsFmjnDgGeIttwoPR5pWZhAIRXHYnrmm:JaigD/ArravUdsswnlFttwYQRXHYrmm
Score

8^/10

evasion persistence privilege_escalation
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceprivilege_escalation

behavioral2

evasionpersistenceprivilege_escalation