9b9e524fb01650309e92e5f706e04b909fbef71a4a3f2ab0aaf032bc4f4018f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

951ef3e7ab23cf0d33c81a2076dd1807_JaffaCakes118
Size

63KB
Sample

240814-h4dtkathqk
MD5

951ef3e7ab23cf0d33c81a2076dd1807
SHA1

b9097dca9eebdfa459e3d9a5d31daac657556e3a
SHA256

9b9e524fb01650309e92e5f706e04b909fbef71a4a3f2ab0aaf032bc4f4018f0
SHA512

e6e1a37b8083be0b382d5db02a6916856e075152ae98aa3f22c2b6850d947683351a6f61ba6192c9a29f2a292e0b83e1643aa6ab7adaf3bbfd87abdf79e81733
SSDEEP

768:XdkoHXteEZ5LG1Xg22BdnCnfe7MwM3cEysLMalKqpmr8Q5pRnl/RjGo8gJG8eYoM:+xEZ1Q2vCGK5Vlg8Q5pl/HJPezDZz

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  951ef3e7ab23cf0d33c81a2076dd1807_JaffaCakes118
- Size
  
  63KB
- MD5
  
  951ef3e7ab23cf0d33c81a2076dd1807
- SHA1
  
  b9097dca9eebdfa459e3d9a5d31daac657556e3a
- SHA256
  
  9b9e524fb01650309e92e5f706e04b909fbef71a4a3f2ab0aaf032bc4f4018f0
- SHA512
  
  e6e1a37b8083be0b382d5db02a6916856e075152ae98aa3f22c2b6850d947683351a6f61ba6192c9a29f2a292e0b83e1643aa6ab7adaf3bbfd87abdf79e81733
- SSDEEP
  
  768:XdkoHXteEZ5LG1Xg22BdnCnfe7MwM3cEysLMalKqpmr8Q5pRnl/RjGo8gJG8eYoM:+xEZ1Q2vCGK5Vlg8Q5pl/HJPezDZz
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion