e357297bffb1e178a28e338e85f31ec524c1eae1b20fcfc86740f130a30e5834 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8be5bb0e5e47ed65de5047af58c1db27_JaffaCakes118
Size

641KB
Sample

240811-zhbwhs1fkc
MD5

8be5bb0e5e47ed65de5047af58c1db27
SHA1

6758d9e60439126f00975d8d7348468183d30e05
SHA256

e357297bffb1e178a28e338e85f31ec524c1eae1b20fcfc86740f130a30e5834
SHA512

aabff9b5ba5d4a7c18301f9e61f4989954cae8e32c26a306785b5dae661949c8dc55c670c082bd7574bfd6e75bf36c8f2a2cc8ce5f157f225ed85b611c7a500e
SSDEEP

12288:rHnGH2Jk8HpgH9nluXN7GZr8NJcypZgS+EpSZv+:TG6k8HuHJa7GZwNiy/fyZv+

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  8be5bb0e5e47ed65de5047af58c1db27_JaffaCakes118
- Size
  
  641KB
- MD5
  
  8be5bb0e5e47ed65de5047af58c1db27
- SHA1
  
  6758d9e60439126f00975d8d7348468183d30e05
- SHA256
  
  e357297bffb1e178a28e338e85f31ec524c1eae1b20fcfc86740f130a30e5834
- SHA512
  
  aabff9b5ba5d4a7c18301f9e61f4989954cae8e32c26a306785b5dae661949c8dc55c670c082bd7574bfd6e75bf36c8f2a2cc8ce5f157f225ed85b611c7a500e
- SSDEEP
  
  12288:rHnGH2Jk8HpgH9nluXN7GZr8NJcypZgS+EpSZv+:TG6k8HuHJa7GZwNiy/fyZv+
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion