252bf550647977be23a7cc28426df74554d63fe4f55ef88807fde920bec70556 | Triage

Sharing

General

Target

b5a2b4324654f5555224d411c5ba7981_JaffaCakes118
Size

292KB
Sample

240822-arp23aseql
MD5

b5a2b4324654f5555224d411c5ba7981
SHA1

96e4ac895ea552d1dbacef8557e7445791092746
SHA256

252bf550647977be23a7cc28426df74554d63fe4f55ef88807fde920bec70556
SHA512

72fd707fc5795f6c76e1e35cd09bf9a4e7ebf845cc4d54a67b62e79296209822f7a0ee3b10e9f0540badfc86b5ddb1b5ee4692563ed0e5b71c40396e20efb963
SSDEEP

6144:sgpoUV1sLP2DyJsTpOqFK0IsmI8sGXzhTrmeR0gdm9Ga:sgeom2DyAFKfsmrRAo

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  b5a2b4324654f5555224d411c5ba7981_JaffaCakes118
- Size
  
  292KB
- MD5
  
  b5a2b4324654f5555224d411c5ba7981
- SHA1
  
  96e4ac895ea552d1dbacef8557e7445791092746
- SHA256
  
  252bf550647977be23a7cc28426df74554d63fe4f55ef88807fde920bec70556
- SHA512
  
  72fd707fc5795f6c76e1e35cd09bf9a4e7ebf845cc4d54a67b62e79296209822f7a0ee3b10e9f0540badfc86b5ddb1b5ee4692563ed0e5b71c40396e20efb963
- SSDEEP
  
  6144:sgpoUV1sLP2DyJsTpOqFK0IsmI8sGXzhTrmeR0gdm9Ga:sgeom2DyAFKfsmrRAo
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion