b24c3c7d41adc9c591c327c00506ceafd9725de794361133b16c4a2ccc17d580 | Triage

Sharing

General

Target

ed4f5d4d66dc25d1660060a3b9848483_JaffaCakes118
Size

285KB
Sample

240920-lj98tazcnf
MD5

ed4f5d4d66dc25d1660060a3b9848483
SHA1

955ada6aa40e265db3aeba6ddff482069c9a1b97
SHA256

b24c3c7d41adc9c591c327c00506ceafd9725de794361133b16c4a2ccc17d580
SHA512

5cd84f3c3f869aa4ace333b968d53d8d603eb5defae60d7e6d6537f84fd9551813ee8c21250f02693700c6f09312269595504adb1d6f37349f654ed067f0977c
SSDEEP

6144:kz1AvHLGmXK2zqepGT2MXwWxcy4h5N2IolGbdiodFYUOp:Q1AvzXK2YKt/N2SYMyJ

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ed4f5d4d66dc25d1660060a3b9848483_JaffaCakes118
- Size
  
  285KB
- MD5
  
  ed4f5d4d66dc25d1660060a3b9848483
- SHA1
  
  955ada6aa40e265db3aeba6ddff482069c9a1b97
- SHA256
  
  b24c3c7d41adc9c591c327c00506ceafd9725de794361133b16c4a2ccc17d580
- SHA512
  
  5cd84f3c3f869aa4ace333b968d53d8d603eb5defae60d7e6d6537f84fd9551813ee8c21250f02693700c6f09312269595504adb1d6f37349f654ed067f0977c
- SSDEEP
  
  6144:kz1AvHLGmXK2zqepGT2MXwWxcy4h5N2IolGbdiodFYUOp:Q1AvzXK2YKt/N2SYMyJ
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion