62f24d243004248f7cea155a86e1e10a73b2d7b5f3163b1300b3e06737e09036 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ecce53b5f882c0ecb37f5cb0c0fd7f1_JaffaCakes118
Size

43KB
Sample

240712-zfh7ta1gpg
MD5

3ecce53b5f882c0ecb37f5cb0c0fd7f1
SHA1

c8f36c4a43c7f6be24aee4d6e94a6289ab131d9a
SHA256

62f24d243004248f7cea155a86e1e10a73b2d7b5f3163b1300b3e06737e09036
SHA512

89c5e45bed1ece42f9be0434ee2c443b022648a3b2cfbc0c188897d21e0517dbef6bbcc94a1184de758a9bd2104f53a244328babf061b4c802b5032a5872726a
SSDEEP

768:nV8XCTEzdPxT1logH+ooM8RxpzmtG9401xy0sGBNo7WAb11dgZ:r/gH+ooM8TptyZ8NoWQY

Score

10^/10

evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  3ecce53b5f882c0ecb37f5cb0c0fd7f1_JaffaCakes118
- Size
  
  43KB
- MD5
  
  3ecce53b5f882c0ecb37f5cb0c0fd7f1
- SHA1
  
  c8f36c4a43c7f6be24aee4d6e94a6289ab131d9a
- SHA256
  
  62f24d243004248f7cea155a86e1e10a73b2d7b5f3163b1300b3e06737e09036
- SHA512
  
  89c5e45bed1ece42f9be0434ee2c443b022648a3b2cfbc0c188897d21e0517dbef6bbcc94a1184de758a9bd2104f53a244328babf061b4c802b5032a5872726a
- SSDEEP
  
  768:nV8XCTEzdPxT1logH+ooM8RxpzmtG9401xy0sGBNo7WAb11dgZ:r/gH+ooM8TptyZ8NoWQY
Score

10^/10

evasion persistence privilege_escalation
- Modifies firewall policy service
  evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceprivilege_escalation

behavioral2

evasionpersistenceprivilege_escalation