3b2a0698274bea81d1a52c67cbae6017c08778e2ec0671b6d7fa3a2e3d95271d | Triage

Sharing

General

Target

affa1d7545fa2d2f4175a17c9ba8fc7b_JaffaCakes118
Size

60KB
Sample

240820-t1r3kasckf
MD5

affa1d7545fa2d2f4175a17c9ba8fc7b
SHA1

c6888415697e30118fdf6df73b478a34dd373711
SHA256

3b2a0698274bea81d1a52c67cbae6017c08778e2ec0671b6d7fa3a2e3d95271d
SHA512

a3b9cca36d6fb55794e0444a5863ee7eaf6c7164ebe8e0a77729f2a9e81ebae89b814d08e037da60707c20b4ba99d4dd546b32116c49ad5105a1470a1aae106d
SSDEEP

1536:NpkDCuqZep9g37PP92TfMw5PDSYJQJzp0r3dGpGvjBb3:NWD3NgLtgP5r7QJze7dGpG1b3

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  affa1d7545fa2d2f4175a17c9ba8fc7b_JaffaCakes118
- Size
  
  60KB
- MD5
  
  affa1d7545fa2d2f4175a17c9ba8fc7b
- SHA1
  
  c6888415697e30118fdf6df73b478a34dd373711
- SHA256
  
  3b2a0698274bea81d1a52c67cbae6017c08778e2ec0671b6d7fa3a2e3d95271d
- SHA512
  
  a3b9cca36d6fb55794e0444a5863ee7eaf6c7164ebe8e0a77729f2a9e81ebae89b814d08e037da60707c20b4ba99d4dd546b32116c49ad5105a1470a1aae106d
- SSDEEP
  
  1536:NpkDCuqZep9g37PP92TfMw5PDSYJQJzp0r3dGpGvjBb3:NWD3NgLtgP5r7QJze7dGpG1b3
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion