6e6bce035a03f863319c55d344ea7b901de2838b5531d93140ea729424a45d30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72ac9ab1e365c396845fa33f839a9366_JaffaCakes118
Size

224KB
Sample

240726-fmey7axflq
MD5

72ac9ab1e365c396845fa33f839a9366
SHA1

ae27897619c24f4033a4ca6c56c94e65a39d667a
SHA256

6e6bce035a03f863319c55d344ea7b901de2838b5531d93140ea729424a45d30
SHA512

09b0c819b9113ed5c856615ab20177f7c74442de4a8ff77d11651db59615b638b574b2861c564fed92345b920a41ce073b9950f4e2f57b6f6d3446a4a2957736
SSDEEP

6144:9OZvNXWnH4fN0jc3tA8Mn0+JgS0Ig/eUvYfdo1C7kblu6l:9OZVXWnH4fNOc+0GIIPUwfS1PZjl

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  72ac9ab1e365c396845fa33f839a9366_JaffaCakes118
- Size
  
  224KB
- MD5
  
  72ac9ab1e365c396845fa33f839a9366
- SHA1
  
  ae27897619c24f4033a4ca6c56c94e65a39d667a
- SHA256
  
  6e6bce035a03f863319c55d344ea7b901de2838b5531d93140ea729424a45d30
- SHA512
  
  09b0c819b9113ed5c856615ab20177f7c74442de4a8ff77d11651db59615b638b574b2861c564fed92345b920a41ce073b9950f4e2f57b6f6d3446a4a2957736
- SSDEEP
  
  6144:9OZvNXWnH4fN0jc3tA8Mn0+JgS0Ig/eUvYfdo1C7kblu6l:9OZVXWnH4fNOc+0GIIPUwfS1PZjl
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion