6a28f5a5a058441eeb57bb21d92d8784e84f3d3daa12f8d69ab3565e8174926b | Triage

Sharing

General

Target

ecf0561cfa4a3c3bc83a3eb29277e6ab_JaffaCakes118
Size

40KB
Sample

240920-gbrpaa1dja
MD5

ecf0561cfa4a3c3bc83a3eb29277e6ab
SHA1

48b9c703b35271b65775ab915c8330dd0aefe10b
SHA256

6a28f5a5a058441eeb57bb21d92d8784e84f3d3daa12f8d69ab3565e8174926b
SHA512

231f1c94aef30ca619a53040342d3ed4d949dc2677fc672d998262839a5d5f5b55bea54d67d67976f9129e4f24a475fa07abd14862433609ee5de43184b27e78
SSDEEP

768:BXho4ICjUkTV9+Q50BYUkEhQ3YotaiIexsgQ21LfME3Tt+:fUMV9+QiYEhboIULkMt+

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ecf0561cfa4a3c3bc83a3eb29277e6ab_JaffaCakes118
- Size
  
  40KB
- MD5
  
  ecf0561cfa4a3c3bc83a3eb29277e6ab
- SHA1
  
  48b9c703b35271b65775ab915c8330dd0aefe10b
- SHA256
  
  6a28f5a5a058441eeb57bb21d92d8784e84f3d3daa12f8d69ab3565e8174926b
- SHA512
  
  231f1c94aef30ca619a53040342d3ed4d949dc2677fc672d998262839a5d5f5b55bea54d67d67976f9129e4f24a475fa07abd14862433609ee5de43184b27e78
- SSDEEP
  
  768:BXho4ICjUkTV9+Q50BYUkEhQ3YotaiIexsgQ21LfME3Tt+:fUMV9+QiYEhboIULkMt+
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion