1bdb8bc66acf931cc30d70fc22ae5d219778c1e5dda838f643c6e19b6e4e855c | Triage

Sharing

General

Target

ea900a3c273effe43a6d8855ddc348b8_JaffaCakes118
Size

100KB
Sample

240919-esm2bazhje
MD5

ea900a3c273effe43a6d8855ddc348b8
SHA1

794d38dbc1bcbe370f43375142c2fb5cfea58f6e
SHA256

1bdb8bc66acf931cc30d70fc22ae5d219778c1e5dda838f643c6e19b6e4e855c
SHA512

a8e5a5e02cf57053f108fa8a19bbefd699377d72393b31dbf1919267dac243d6cc8d59a9b544de7d6e508e766a7e2a318c94a2a0e24cbb66e631da92f48c1cee
SSDEEP

3072:jMlgwsdjR3QqTQS9b3VRUJn0ONgETDYVeMgk/YOVHp:jMlgwsr3QqT59b3gJn0ONgODYVeM3QOV

Score

8^/10

discovery evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  ea900a3c273effe43a6d8855ddc348b8_JaffaCakes118
- Size
  
  100KB
- MD5
  
  ea900a3c273effe43a6d8855ddc348b8
- SHA1
  
  794d38dbc1bcbe370f43375142c2fb5cfea58f6e
- SHA256
  
  1bdb8bc66acf931cc30d70fc22ae5d219778c1e5dda838f643c6e19b6e4e855c
- SHA512
  
  a8e5a5e02cf57053f108fa8a19bbefd699377d72393b31dbf1919267dac243d6cc8d59a9b544de7d6e508e766a7e2a318c94a2a0e24cbb66e631da92f48c1cee
- SSDEEP
  
  3072:jMlgwsdjR3QqTQS9b3VRUJn0ONgETDYVeMgk/YOVHp:jMlgwsr3QqT59b3gJn0ONgODYVeM3QOV
Score

8^/10

discovery evasion persistence privilege_escalation
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalation

behavioral2

discoveryevasionpersistenceprivilege_escalation