aa20c295f25f18e126dddb0996fe1a810e32d2520839811ef4189ca542cfaba0 | Triage

Sharing

General

Target

b1e08c0d19510b6d77a924aba6e8b340_JaffaCakes118
Size

137KB
Sample

240821-djczbaxblh
MD5

b1e08c0d19510b6d77a924aba6e8b340
SHA1

13602d804e28aba5a1e0b1964d805978be85e64c
SHA256

aa20c295f25f18e126dddb0996fe1a810e32d2520839811ef4189ca542cfaba0
SHA512

a25de8eebf03032b3faefd9c47a1ed631ef016cc69907b6675fc8988fd5054a20023ccb08bcdfe68c3f83eeb571056d2e937875fb5aab936089dbc1d9ba419d0
SSDEEP

3072:Hcqe7Sp5+1k12b/Af885RK2LpDoTe0GdaG:HcL7+5+1kf15ZMe0Go

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  b1e08c0d19510b6d77a924aba6e8b340_JaffaCakes118
- Size
  
  137KB
- MD5
  
  b1e08c0d19510b6d77a924aba6e8b340
- SHA1
  
  13602d804e28aba5a1e0b1964d805978be85e64c
- SHA256
  
  aa20c295f25f18e126dddb0996fe1a810e32d2520839811ef4189ca542cfaba0
- SHA512
  
  a25de8eebf03032b3faefd9c47a1ed631ef016cc69907b6675fc8988fd5054a20023ccb08bcdfe68c3f83eeb571056d2e937875fb5aab936089dbc1d9ba419d0
- SSDEEP
  
  3072:Hcqe7Sp5+1k12b/Af885RK2LpDoTe0GdaG:HcL7+5+1kf15ZMe0Go
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion