a406864b7b1c4df4cdfd95b23acfc75abe3326c8bc1e0426a16de366cf8f6c5f | Triage

Sharing

General

Target

44e31dcd5609d3be0ee013c951c4932c_JaffaCakes118
Size

947KB
Sample

240714-jekfgstgqc
MD5

44e31dcd5609d3be0ee013c951c4932c
SHA1

a2cf6bdaf388919809e8e728633f439c382f56cc
SHA256

a406864b7b1c4df4cdfd95b23acfc75abe3326c8bc1e0426a16de366cf8f6c5f
SHA512

2b1d440412e233c3c7f0b6546545dc4ae70c55991185f95fc0c9f5de1f220d00b840d31812be5914a988550208c39d4498928c6ec661b5fda3f6750115b13e46
SSDEEP

12288:j8+PrL2x/ECm1pRm5D2yKW4ueSFP8/BIXxuuYNJ8cQbt:LZ1Hmp2TW4ueSFP86XxuuYNicQ

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  44e31dcd5609d3be0ee013c951c4932c_JaffaCakes118
- Size
  
  947KB
- MD5
  
  44e31dcd5609d3be0ee013c951c4932c
- SHA1
  
  a2cf6bdaf388919809e8e728633f439c382f56cc
- SHA256
  
  a406864b7b1c4df4cdfd95b23acfc75abe3326c8bc1e0426a16de366cf8f6c5f
- SHA512
  
  2b1d440412e233c3c7f0b6546545dc4ae70c55991185f95fc0c9f5de1f220d00b840d31812be5914a988550208c39d4498928c6ec661b5fda3f6750115b13e46
- SSDEEP
  
  12288:j8+PrL2x/ECm1pRm5D2yKW4ueSFP8/BIXxuuYNJ8cQbt:LZ1Hmp2TW4ueSFP86XxuuYNicQ
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2