f6351b4088886de5a58818000c0b99e302354f789d2de1d4bca1291f4847f9d8 | Triage

Sharing

General

Target

ee92daf857a5bda263f6741df4796940_JaffaCakes118
Size

85KB
Sample

240920-2pcshascrf
MD5

ee92daf857a5bda263f6741df4796940
SHA1

91f9db279237b0cb0adece073e6dae5a1f0b5bbd
SHA256

f6351b4088886de5a58818000c0b99e302354f789d2de1d4bca1291f4847f9d8
SHA512

98abfa37ac754eecb2b63c503fd4b0a4744656f15f341760462ed2ecc1cd6536df65ea9de8440b2b727e0e15c20b966da04ed22ef70b98f6b28212389eb60a93
SSDEEP

1536:7esdME2JlzUdWv9isBRaybqc/9Si0frKXtuMzof1bx8+m:TME2Id6IMzx9SoMMzof1bx8+m

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ee92daf857a5bda263f6741df4796940_JaffaCakes118
- Size
  
  85KB
- MD5
  
  ee92daf857a5bda263f6741df4796940
- SHA1
  
  91f9db279237b0cb0adece073e6dae5a1f0b5bbd
- SHA256
  
  f6351b4088886de5a58818000c0b99e302354f789d2de1d4bca1291f4847f9d8
- SHA512
  
  98abfa37ac754eecb2b63c503fd4b0a4744656f15f341760462ed2ecc1cd6536df65ea9de8440b2b727e0e15c20b966da04ed22ef70b98f6b28212389eb60a93
- SSDEEP
  
  1536:7esdME2JlzUdWv9isBRaybqc/9Si0frKXtuMzof1bx8+m:TME2Id6IMzx9SoMMzof1bx8+m
Score

10^/10

evasion discovery
- Modifies firewall policy service
  evasion
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion