562f4909fd65a3a69636bf22c98bab851c232969a2fe8b05d96836a859465906 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e9f31dfe064805b93f518083871d684_JaffaCakes118
Size

34KB
Sample

240812-nyaslszcll
MD5

8e9f31dfe064805b93f518083871d684
SHA1

deeccbc6d28c736c5d71c6e52223e2e3c8d7c2ca
SHA256

562f4909fd65a3a69636bf22c98bab851c232969a2fe8b05d96836a859465906
SHA512

c541de849f6939d7d3dc45e49ae44caa3d27a737dac9e82f498d2a1d251762fc59cde5cc09d49eefd2f67025def3b8b7e5b9d504002027cbd4279db3304f9ab7
SSDEEP

768:g/gSg8PS8bXNdptFLPzJ2UxjHW2I8LdZ7TpSQ/vqWc:MPS4JthJ2mlIe740b

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  8e9f31dfe064805b93f518083871d684_JaffaCakes118
- Size
  
  34KB
- MD5
  
  8e9f31dfe064805b93f518083871d684
- SHA1
  
  deeccbc6d28c736c5d71c6e52223e2e3c8d7c2ca
- SHA256
  
  562f4909fd65a3a69636bf22c98bab851c232969a2fe8b05d96836a859465906
- SHA512
  
  c541de849f6939d7d3dc45e49ae44caa3d27a737dac9e82f498d2a1d251762fc59cde5cc09d49eefd2f67025def3b8b7e5b9d504002027cbd4279db3304f9ab7
- SSDEEP
  
  768:g/gSg8PS8bXNdptFLPzJ2UxjHW2I8LdZ7TpSQ/vqWc:MPS4JthJ2mlIe740b
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion