68ee01ba6ec5bbb473b2c70b35e1686d92b7eb5ff95208adb4f3186bc909e044 | Triage

Sharing

General

Target

84dd4e0f6541077d13bf73041c686767_JaffaCakes118
Size

362KB
Sample

240810-fhl7pswgqk
MD5

84dd4e0f6541077d13bf73041c686767
SHA1

dc4eed9ece95d68ba18e674af02a9e52e6f18343
SHA256

68ee01ba6ec5bbb473b2c70b35e1686d92b7eb5ff95208adb4f3186bc909e044
SHA512

0e36a149196c2653af4f2318b13e7b0820f3da15079eea64ff48766e8cff617327130321a7b92555006d1b53e0e59dff6cc33f455024d718a533e0fad4fcc65b
SSDEEP

6144:s4RREcMZ5vVCiiKrao9afJu3YYtWGaVoRiS6oxH5AgyOvBGt:9buvVCiisao9Ii3aVirHBQ

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  84dd4e0f6541077d13bf73041c686767_JaffaCakes118
- Size
  
  362KB
- MD5
  
  84dd4e0f6541077d13bf73041c686767
- SHA1
  
  dc4eed9ece95d68ba18e674af02a9e52e6f18343
- SHA256
  
  68ee01ba6ec5bbb473b2c70b35e1686d92b7eb5ff95208adb4f3186bc909e044
- SHA512
  
  0e36a149196c2653af4f2318b13e7b0820f3da15079eea64ff48766e8cff617327130321a7b92555006d1b53e0e59dff6cc33f455024d718a533e0fad4fcc65b
- SSDEEP
  
  6144:s4RREcMZ5vVCiiKrao9afJu3YYtWGaVoRiS6oxH5AgyOvBGt:9buvVCiisao9Ii3aVirHBQ
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion