3e9e8034d5e5767e2861aabde638153586f7bf605e959ec4a3a0f5487896ae94 | Triage

Sharing

General

Target

ed1578ded621e4eedd536ef733d09028_JaffaCakes118
Size

240KB
Sample

240920-h2kjbsvanb
MD5

ed1578ded621e4eedd536ef733d09028
SHA1

1612526d9f127a37a777f4fc3d313923e5532715
SHA256

3e9e8034d5e5767e2861aabde638153586f7bf605e959ec4a3a0f5487896ae94
SHA512

de683c30ef23fcec477c09d490408ca8a5ba9ec5555debb3500220ecc0857076c85ee3397f76286972803a134a509f321e88224e1b20dd6d936eb52ea466d621
SSDEEP

6144:EWcyRAkMgRqEG9DdrPYBufeMqiQ0OsDy:tRANgRqEG9gFiFDy

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ed1578ded621e4eedd536ef733d09028_JaffaCakes118
- Size
  
  240KB
- MD5
  
  ed1578ded621e4eedd536ef733d09028
- SHA1
  
  1612526d9f127a37a777f4fc3d313923e5532715
- SHA256
  
  3e9e8034d5e5767e2861aabde638153586f7bf605e959ec4a3a0f5487896ae94
- SHA512
  
  de683c30ef23fcec477c09d490408ca8a5ba9ec5555debb3500220ecc0857076c85ee3397f76286972803a134a509f321e88224e1b20dd6d936eb52ea466d621
- SSDEEP
  
  6144:EWcyRAkMgRqEG9DdrPYBufeMqiQ0OsDy:tRANgRqEG9gFiFDy
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion