0246e845c3d35b259a2c8fa04ecbc40b2b4e500e4304541c535c06c2bfad7c9c | Triage

Sharing

General

Target

8970f0b1cced12b4838bd357b165efe5_JaffaCakes118
Size

184KB
Sample

240811-hvedqszcrr
MD5

8970f0b1cced12b4838bd357b165efe5
SHA1

722b00fb51d754152496cd62b6dad06d59d40008
SHA256

0246e845c3d35b259a2c8fa04ecbc40b2b4e500e4304541c535c06c2bfad7c9c
SHA512

6f2f885d228927c43e5ca1265fdfb88ba71dba51537fb03c7904b71a7ae38b362a2c589d6c5acdd0a053c2014897463c011d0344d440129e04df08b576d4a64a
SSDEEP

3072:2FyQPp/KDhfFzuUvI9vMD+dNbyPm43p3mthcQQFlnsLiAp:2FyQPp/KD1FCUQPcmhwqp

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  8970f0b1cced12b4838bd357b165efe5_JaffaCakes118
- Size
  
  184KB
- MD5
  
  8970f0b1cced12b4838bd357b165efe5
- SHA1
  
  722b00fb51d754152496cd62b6dad06d59d40008
- SHA256
  
  0246e845c3d35b259a2c8fa04ecbc40b2b4e500e4304541c535c06c2bfad7c9c
- SHA512
  
  6f2f885d228927c43e5ca1265fdfb88ba71dba51537fb03c7904b71a7ae38b362a2c589d6c5acdd0a053c2014897463c011d0344d440129e04df08b576d4a64a
- SSDEEP
  
  3072:2FyQPp/KDhfFzuUvI9vMD+dNbyPm43p3mthcQQFlnsLiAp:2FyQPp/KD1FCUQPcmhwqp
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion