42902fd13a11c0de0f85d1c8f52caf77f5c52390b0e7ccba4e6a4c23b3e87254 | Triage

Sharing

General

Target

872cef6789ef40d3c4794e05f73b9122_JaffaCakes118
Size

309KB
Sample

240810-w5drva1hql
MD5

872cef6789ef40d3c4794e05f73b9122
SHA1

105fd028ac18c2be0d485a6d07b65fc42e4341f6
SHA256

42902fd13a11c0de0f85d1c8f52caf77f5c52390b0e7ccba4e6a4c23b3e87254
SHA512

8722e64bda31663e9e740689e6e8d16f588596a1fb95d20c29b83def0448c772a9b74c5ae8f1134d9378fa86bae29d7f042908d7d6fbc6601eb35da5e30c2455
SSDEEP

6144:Im370V5jhKWojUFJDuMAKvBBj3UdYTJ5mHM+:Im37kjhKWo4iMAKvBBVJ5V

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  872cef6789ef40d3c4794e05f73b9122_JaffaCakes118
- Size
  
  309KB
- MD5
  
  872cef6789ef40d3c4794e05f73b9122
- SHA1
  
  105fd028ac18c2be0d485a6d07b65fc42e4341f6
- SHA256
  
  42902fd13a11c0de0f85d1c8f52caf77f5c52390b0e7ccba4e6a4c23b3e87254
- SHA512
  
  8722e64bda31663e9e740689e6e8d16f588596a1fb95d20c29b83def0448c772a9b74c5ae8f1134d9378fa86bae29d7f042908d7d6fbc6601eb35da5e30c2455
- SSDEEP
  
  6144:Im370V5jhKWojUFJDuMAKvBBj3UdYTJ5mHM+:Im37kjhKWo4iMAKvBBVJ5V
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion