fc3c026ea4f44a8303e44938b8887531668ec8b12429c9c818ca4fb0f573cc81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac3db7fae42f2297a084ada84f3b1d11_JaffaCakes118
Size

292KB
Sample

240819-xz4azs1eqb
MD5

ac3db7fae42f2297a084ada84f3b1d11
SHA1

33b410a5fdb95efdf71cf0dd5c1b376397148de4
SHA256

fc3c026ea4f44a8303e44938b8887531668ec8b12429c9c818ca4fb0f573cc81
SHA512

6246aad578bb3daa3bd23c5e259b8c5872c7bd716bf794d92f46ede4aef549418bdb3922220d10f81fb2f52d9f4a296ed01eee7c4569d22b8669fb44a80c011b
SSDEEP

3072:RVm9nuIxHnC3YPvr0bTMsS+ocr1sERVjZ1Ko7Pg/d1BFp+M:zm9uljPoHp+M

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ac3db7fae42f2297a084ada84f3b1d11_JaffaCakes118
- Size
  
  292KB
- MD5
  
  ac3db7fae42f2297a084ada84f3b1d11
- SHA1
  
  33b410a5fdb95efdf71cf0dd5c1b376397148de4
- SHA256
  
  fc3c026ea4f44a8303e44938b8887531668ec8b12429c9c818ca4fb0f573cc81
- SHA512
  
  6246aad578bb3daa3bd23c5e259b8c5872c7bd716bf794d92f46ede4aef549418bdb3922220d10f81fb2f52d9f4a296ed01eee7c4569d22b8669fb44a80c011b
- SSDEEP
  
  3072:RVm9nuIxHnC3YPvr0bTMsS+ocr1sERVjZ1Ko7Pg/d1BFp+M:zm9uljPoHp+M
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion