f92a9453935a6ea3b06a8e6d990171a157e28be570938f625b3d75908c7d23d0 | Triage

Sharing

General

Target

47fe736a509435c7c919ea0efc65a8e9_JaffaCakes118
Size

97KB
Sample

240715-dvnvyswamj
MD5

47fe736a509435c7c919ea0efc65a8e9
SHA1

e55c202fc315d7a26c54a98ed688594d914ec29a
SHA256

f92a9453935a6ea3b06a8e6d990171a157e28be570938f625b3d75908c7d23d0
SHA512

463109c40920a84c3f748ac2f09b1606b9add7c3d2dc8588ffff3de9e9f0fcbca0e659ab56ceabba1146d06e207ebe675994d5db844b70b001fb08dceacd569f
SSDEEP

3072:WxnyKboeN9MZDkj7WkuBb849zDxDoIEl:epNkDkj6kMbvptO

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  47fe736a509435c7c919ea0efc65a8e9_JaffaCakes118
- Size
  
  97KB
- MD5
  
  47fe736a509435c7c919ea0efc65a8e9
- SHA1
  
  e55c202fc315d7a26c54a98ed688594d914ec29a
- SHA256
  
  f92a9453935a6ea3b06a8e6d990171a157e28be570938f625b3d75908c7d23d0
- SHA512
  
  463109c40920a84c3f748ac2f09b1606b9add7c3d2dc8588ffff3de9e9f0fcbca0e659ab56ceabba1146d06e207ebe675994d5db844b70b001fb08dceacd569f
- SSDEEP
  
  3072:WxnyKboeN9MZDkj7WkuBb849zDxDoIEl:epNkDkj6kMbvptO
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2