24be963b9afbd28fd94a274b02694a26e7c34d8cc52cd59b9c9e670817dc990e | Triage

Sharing

General

Target

eca70ccddd769262437694564b8e67fc_JaffaCakes118
Size

263KB
Sample

240920-csxveateqg
MD5

eca70ccddd769262437694564b8e67fc
SHA1

05557b967eaa560c57085d1b57f4ec461dfb1115
SHA256

24be963b9afbd28fd94a274b02694a26e7c34d8cc52cd59b9c9e670817dc990e
SHA512

3df9b72d473ef6bb605099f26a8ecb68a4446bfa4badc42cbbc10a575fd5d67268170a115ef3e48b4c2a917e74c7bcb2fea2269d9b718526958803d06442278d
SSDEEP

6144:7EYZeuWfuEpd8YesjsoO2mdJ4HT0xt6K99eeblzcq:deupEpDesQoO2mdJ4z0bD3j1cq

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  eca70ccddd769262437694564b8e67fc_JaffaCakes118
- Size
  
  263KB
- MD5
  
  eca70ccddd769262437694564b8e67fc
- SHA1
  
  05557b967eaa560c57085d1b57f4ec461dfb1115
- SHA256
  
  24be963b9afbd28fd94a274b02694a26e7c34d8cc52cd59b9c9e670817dc990e
- SHA512
  
  3df9b72d473ef6bb605099f26a8ecb68a4446bfa4badc42cbbc10a575fd5d67268170a115ef3e48b4c2a917e74c7bcb2fea2269d9b718526958803d06442278d
- SSDEEP
  
  6144:7EYZeuWfuEpd8YesjsoO2mdJ4HT0xt6K99eeblzcq:deupEpDesQoO2mdJ4z0bD3j1cq
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion