0eb6000ef925960123c92967bac2895939d0fde1af074cba594512d16d96e110 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b562c300a453ef4583e76c3284315f96_JaffaCakes118
Size

65KB
Sample

240821-2xshxsyfqr
MD5

b562c300a453ef4583e76c3284315f96
SHA1

a60e3fcc9097794a698a724f58c9dd5e23690d13
SHA256

0eb6000ef925960123c92967bac2895939d0fde1af074cba594512d16d96e110
SHA512

e1446a33007883c4cd3fb0fbe308311b325cbd6c2c47161f1b77746945b12c7367db1082d8b6be174d9580bcff8839f553f09ebee26a52951f7d36c11a1cb50c
SSDEEP

1536:ArayLgKh8/HIYNcn0HUprPyzVmghZREKHI/qBTwMTe3zBz:gkKh8/HIYNc0wTyzV9z+iISBTwPVz

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  b562c300a453ef4583e76c3284315f96_JaffaCakes118
- Size
  
  65KB
- MD5
  
  b562c300a453ef4583e76c3284315f96
- SHA1
  
  a60e3fcc9097794a698a724f58c9dd5e23690d13
- SHA256
  
  0eb6000ef925960123c92967bac2895939d0fde1af074cba594512d16d96e110
- SHA512
  
  e1446a33007883c4cd3fb0fbe308311b325cbd6c2c47161f1b77746945b12c7367db1082d8b6be174d9580bcff8839f553f09ebee26a52951f7d36c11a1cb50c
- SSDEEP
  
  1536:ArayLgKh8/HIYNcn0HUprPyzVmghZREKHI/qBTwMTe3zBz:gkKh8/HIYNc0wTyzV9z+iISBTwPVz
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion