1363bdfc861e4180b4855ca2d483789b0d208134c4404ca5ed2f272fe84077a5 | Triage

Sharing

General

Target

edc9bda9ff314e2007000111530ca007_JaffaCakes118
Size

46KB
Sample

240920-rtgbda1glq
MD5

edc9bda9ff314e2007000111530ca007
SHA1

8288ac6a622b7091dd44d3119537909966c6b295
SHA256

1363bdfc861e4180b4855ca2d483789b0d208134c4404ca5ed2f272fe84077a5
SHA512

d6f9ab3c0ba2a73969eb55a70164d675a63b27350cffbbfd3c3e6558713275efb21e7ed633463de89c01ab8cf14e6cc6da5f2495f8f9415ab3fe516c28d147e9
SSDEEP

768:yeIJ3wCJZ8EurZi5PfwsyyF0tqT/LAw0Jz9yRvszZ2iZl2vDGtVqpk:y5RwQxfSsgJ5y01hZIyQk

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  edc9bda9ff314e2007000111530ca007_JaffaCakes118
- Size
  
  46KB
- MD5
  
  edc9bda9ff314e2007000111530ca007
- SHA1
  
  8288ac6a622b7091dd44d3119537909966c6b295
- SHA256
  
  1363bdfc861e4180b4855ca2d483789b0d208134c4404ca5ed2f272fe84077a5
- SHA512
  
  d6f9ab3c0ba2a73969eb55a70164d675a63b27350cffbbfd3c3e6558713275efb21e7ed633463de89c01ab8cf14e6cc6da5f2495f8f9415ab3fe516c28d147e9
- SSDEEP
  
  768:yeIJ3wCJZ8EurZi5PfwsyyF0tqT/LAw0Jz9yRvszZ2iZl2vDGtVqpk:y5RwQxfSsgJ5y01hZIyQk
Score

10^/10

discovery evasion persistence
- Modifies firewall policy service
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasion