1371f767fc5fcfbec3198f1b1f1dd93939f22c1e8b181924bb2740ac735fc693 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c75aeb58a5083be8db84e6a798f99660_JaffaCakes118
Size

174KB
Sample

240828-wgc6eayejd
MD5

c75aeb58a5083be8db84e6a798f99660
SHA1

d166189bdd9f82eba556d4a0e23f7b3c435cac0b
SHA256

1371f767fc5fcfbec3198f1b1f1dd93939f22c1e8b181924bb2740ac735fc693
SHA512

dc9adfb8b0a30f1f01df4c3e75408b1285513a0a6ab0a5facc6dc20fa51b9058947db4ca3b36e8e7382ba621e76a24e929e696856c78a8bbe3b0fd4d9f6a2ab4
SSDEEP

3072:MyyK7YU+s7dScGdolnUbNeZI+qCfZY11WavjLf+s/F5tDyMR/6YTH5HUN:MyHP7/GdouNeZrrfW9LCutHTH9U

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  c75aeb58a5083be8db84e6a798f99660_JaffaCakes118
- Size
  
  174KB
- MD5
  
  c75aeb58a5083be8db84e6a798f99660
- SHA1
  
  d166189bdd9f82eba556d4a0e23f7b3c435cac0b
- SHA256
  
  1371f767fc5fcfbec3198f1b1f1dd93939f22c1e8b181924bb2740ac735fc693
- SHA512
  
  dc9adfb8b0a30f1f01df4c3e75408b1285513a0a6ab0a5facc6dc20fa51b9058947db4ca3b36e8e7382ba621e76a24e929e696856c78a8bbe3b0fd4d9f6a2ab4
- SSDEEP
  
  3072:MyyK7YU+s7dScGdolnUbNeZI+qCfZY11WavjLf+s/F5tDyMR/6YTH5HUN:MyHP7/GdouNeZrrfW9LCutHTH9U
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion