a9f6cfcb5a5d8d26fe9b9276b53df0e59fa295b972a7cb7de5f8c8e2796e52d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc452034ce9588daac5b62f8444d0bdc_JaffaCakes118
Size

87KB
Sample

240912-n8lymavakm
MD5

dc452034ce9588daac5b62f8444d0bdc
SHA1

cd02101d806a57fd77b1381e442c2a79734bef68
SHA256

a9f6cfcb5a5d8d26fe9b9276b53df0e59fa295b972a7cb7de5f8c8e2796e52d6
SHA512

48c048ffa226188a5f79447bafff0b0f0bbb411648597b10638fb34790b2db22a1d0c0796a75278a20e24b0ce630c4f036aa2ca18fb2809a3f06f020c7373728
SSDEEP

1536:54bsEQEbxsSefRcitQZkBjsRtzs2NTGgpvZfIInECMDkCL50Ix+xbvGECi:54wEQNSefRekBGzOgpvZ9EhDkzESr

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  dc452034ce9588daac5b62f8444d0bdc_JaffaCakes118
- Size
  
  87KB
- MD5
  
  dc452034ce9588daac5b62f8444d0bdc
- SHA1
  
  cd02101d806a57fd77b1381e442c2a79734bef68
- SHA256
  
  a9f6cfcb5a5d8d26fe9b9276b53df0e59fa295b972a7cb7de5f8c8e2796e52d6
- SHA512
  
  48c048ffa226188a5f79447bafff0b0f0bbb411648597b10638fb34790b2db22a1d0c0796a75278a20e24b0ce630c4f036aa2ca18fb2809a3f06f020c7373728
- SSDEEP
  
  1536:54bsEQEbxsSefRcitQZkBjsRtzs2NTGgpvZfIInECMDkCL50Ix+xbvGECi:54wEQNSefRekBGzOgpvZ9EhDkzESr
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion