3b54f341ba04d9c5b956c2cce5f315d8a0870cdaf7028b4ed9ca5ef0a418255a | Triage

Sharing

General

Target

698be7b4563a0c1e0039f198004c724a_JaffaCakes118
Size

132KB
Sample

240724-am9kxaxbkm
MD5

698be7b4563a0c1e0039f198004c724a
SHA1

2de068d4dc126a0426366a3c089a6a1d5df40f68
SHA256

3b54f341ba04d9c5b956c2cce5f315d8a0870cdaf7028b4ed9ca5ef0a418255a
SHA512

e5d167b520ff016c8bf016ca95148c6ae5935d5f016f8c500239d7bc14606e3c59c6e7c03e69e7106471032e7a9abc9b8266084c67e39848d205d603fbc6f63a
SSDEEP

3072:kwdco0N5hVyhan/qtArmgPKDtKpFvjy56V8iCGnLZ1:kQ0N5hVsYqtArnEmw6V8iCqLX

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  698be7b4563a0c1e0039f198004c724a_JaffaCakes118
- Size
  
  132KB
- MD5
  
  698be7b4563a0c1e0039f198004c724a
- SHA1
  
  2de068d4dc126a0426366a3c089a6a1d5df40f68
- SHA256
  
  3b54f341ba04d9c5b956c2cce5f315d8a0870cdaf7028b4ed9ca5ef0a418255a
- SHA512
  
  e5d167b520ff016c8bf016ca95148c6ae5935d5f016f8c500239d7bc14606e3c59c6e7c03e69e7106471032e7a9abc9b8266084c67e39848d205d603fbc6f63a
- SSDEEP
  
  3072:kwdco0N5hVyhan/qtArmgPKDtKpFvjy56V8iCGnLZ1:kQ0N5hVsYqtArnEmw6V8iCqLX
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion