3c30b269186709a8eae0a4ecf8a5a208cc48cb7837103bc6a7c288edc38f9177 | Triage

Sharing

General

Target

ee962068678f0064a66bd417c3500423_JaffaCakes118
Size

204KB
Sample

240920-2tw2yashlq
MD5

ee962068678f0064a66bd417c3500423
SHA1

5622f4feb2b8eb8385b8734d1c149f22db283d54
SHA256

3c30b269186709a8eae0a4ecf8a5a208cc48cb7837103bc6a7c288edc38f9177
SHA512

48b2bbe61e7232ba72f22168b49a6f859d638466bc59a4e5862af544c75c15d3178a1f0a0db8052142f4bcaf1aecd22c0377a7dcd73bd89a07f6c672f28121ad
SSDEEP

3072:jUHWCZAE6KZyNaoIHNcbPa2hENd3SyRorQ/v5ED4uHDI:jYyd7N6+EbOueD

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ee962068678f0064a66bd417c3500423_JaffaCakes118
- Size
  
  204KB
- MD5
  
  ee962068678f0064a66bd417c3500423
- SHA1
  
  5622f4feb2b8eb8385b8734d1c149f22db283d54
- SHA256
  
  3c30b269186709a8eae0a4ecf8a5a208cc48cb7837103bc6a7c288edc38f9177
- SHA512
  
  48b2bbe61e7232ba72f22168b49a6f859d638466bc59a4e5862af544c75c15d3178a1f0a0db8052142f4bcaf1aecd22c0377a7dcd73bd89a07f6c672f28121ad
- SSDEEP
  
  3072:jUHWCZAE6KZyNaoIHNcbPa2hENd3SyRorQ/v5ED4uHDI:jYyd7N6+EbOueD
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion