d03e0371bb6a5ef979c3ac52a7dd2493591396b189d6c0c2a5522966333d0683 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64d6fe27abf56f80cb171b12ef2e65bd_JaffaCakes118
Size

68KB
Sample

240722-z5kf6sydqc
MD5

64d6fe27abf56f80cb171b12ef2e65bd
SHA1

771219ccfe248cda793918a4b62034836e7a1f90
SHA256

d03e0371bb6a5ef979c3ac52a7dd2493591396b189d6c0c2a5522966333d0683
SHA512

24494171b103edb99dde68f8d238a8f5f69498688ed70d39888dbd9425a4407c03e9445312a2ffc617c39fcfd65b2e1ec33e7b22231da9181692d3a0442dd59f
SSDEEP

1536:VB4O6fD3RkeMeWq6MgxPRpRGqEWqY3EkflXbFtGq:VBCD3RWeSxlBJXbFtGq

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  64d6fe27abf56f80cb171b12ef2e65bd_JaffaCakes118
- Size
  
  68KB
- MD5
  
  64d6fe27abf56f80cb171b12ef2e65bd
- SHA1
  
  771219ccfe248cda793918a4b62034836e7a1f90
- SHA256
  
  d03e0371bb6a5ef979c3ac52a7dd2493591396b189d6c0c2a5522966333d0683
- SHA512
  
  24494171b103edb99dde68f8d238a8f5f69498688ed70d39888dbd9425a4407c03e9445312a2ffc617c39fcfd65b2e1ec33e7b22231da9181692d3a0442dd59f
- SSDEEP
  
  1536:VB4O6fD3RkeMeWq6MgxPRpRGqEWqY3EkflXbFtGq:VBCD3RWeSxlBJXbFtGq
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2