cde23cc7cf37f7d53f7e3a9a740d2df983e723323824a809bfc9516725d49fee | Triage

Sharing

General

Target

b4afab8db25d1fcc243e7be7ca7a33e9_JaffaCakes118
Size

58KB
Sample

240821-xv59sazall
MD5

b4afab8db25d1fcc243e7be7ca7a33e9
SHA1

8b7a0933e07a5c3a58dd8b12152376468d962c62
SHA256

cde23cc7cf37f7d53f7e3a9a740d2df983e723323824a809bfc9516725d49fee
SHA512

0cd848e50c2a52edfc922a18369e955b5badb372c6926f2ae0412117359a28c22f81f7339c759cbe206570415db90a0ef834322e1731d89c9780405d654faaab
SSDEEP

1536:XCKoLD+h/84UimkdxMyHWUCCMN+5AdaU4hFtP:XCKomy45ZwbhiAdaUM

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  b4afab8db25d1fcc243e7be7ca7a33e9_JaffaCakes118
- Size
  
  58KB
- MD5
  
  b4afab8db25d1fcc243e7be7ca7a33e9
- SHA1
  
  8b7a0933e07a5c3a58dd8b12152376468d962c62
- SHA256
  
  cde23cc7cf37f7d53f7e3a9a740d2df983e723323824a809bfc9516725d49fee
- SHA512
  
  0cd848e50c2a52edfc922a18369e955b5badb372c6926f2ae0412117359a28c22f81f7339c759cbe206570415db90a0ef834322e1731d89c9780405d654faaab
- SSDEEP
  
  1536:XCKoLD+h/84UimkdxMyHWUCCMN+5AdaU4hFtP:XCKomy45ZwbhiAdaUM
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion