db99e6d1882f0cf288e6f4372c5463d23a9fa067b0c486909ab5a50f30fc5bcb | Triage

Sharing

General

Target

c8080f758c753cb82d1fbc0c09528d2d_JaffaCakes118
Size

486KB
Sample

240829-cdfbtaxhkg
MD5

c8080f758c753cb82d1fbc0c09528d2d
SHA1

41eb3e1a49db991c87a248591864e1f7c67509ca
SHA256

db99e6d1882f0cf288e6f4372c5463d23a9fa067b0c486909ab5a50f30fc5bcb
SHA512

e4f6339449c7122fdbbb7d0e355eb42c6364bbc7c77cbe9d6841fe722f88e0678bbce693aec7b68f557cd5f3b94e33ec5df0e4cbff89032bec50ab6ee237212c
SSDEEP

3072:EhRx11315oF8opcnD1hOOrWGzN2lcR2u8JnxIb4p+X+xFFCcll3H3rH3XD7Inm+M:iHF5oXpcFb5DRsNxIb4peR4S6VNs4Kt

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  c8080f758c753cb82d1fbc0c09528d2d_JaffaCakes118
- Size
  
  486KB
- MD5
  
  c8080f758c753cb82d1fbc0c09528d2d
- SHA1
  
  41eb3e1a49db991c87a248591864e1f7c67509ca
- SHA256
  
  db99e6d1882f0cf288e6f4372c5463d23a9fa067b0c486909ab5a50f30fc5bcb
- SHA512
  
  e4f6339449c7122fdbbb7d0e355eb42c6364bbc7c77cbe9d6841fe722f88e0678bbce693aec7b68f557cd5f3b94e33ec5df0e4cbff89032bec50ab6ee237212c
- SSDEEP
  
  3072:EhRx11315oF8opcnD1hOOrWGzN2lcR2u8JnxIb4p+X+xFFCcll3H3rH3XD7Inm+M:iHF5oXpcFb5DRsNxIb4peR4S6VNs4Kt
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion