60eeb2c2625616e28e523e6e68c1663a5a518ba2f32473b865fc99b26df2c60f | Triage

Sharing

General

Target

eee251fd9a142364ecf7b4c49d81dec2_JaffaCakes118
Size

58KB
Sample

240921-cpwg6szhkg
MD5

eee251fd9a142364ecf7b4c49d81dec2
SHA1

b980527df0d5765374c2dd153823b33f0785bbef
SHA256

60eeb2c2625616e28e523e6e68c1663a5a518ba2f32473b865fc99b26df2c60f
SHA512

168249a909bed91b2cfb652f6ea069e10104b7dd4d2c5f7601fdb07281587178372c6e0c3d0778c2872305c149e185028323ce341ba287754c63f7da5c5c6b2a
SSDEEP

1536:v+Pdvqr9PxDtIQI5Fdm+0NpMiNaSUSGy5H9sG8:Yu9ZDtIQI5/mX5aSUE9sG

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  eee251fd9a142364ecf7b4c49d81dec2_JaffaCakes118
- Size
  
  58KB
- MD5
  
  eee251fd9a142364ecf7b4c49d81dec2
- SHA1
  
  b980527df0d5765374c2dd153823b33f0785bbef
- SHA256
  
  60eeb2c2625616e28e523e6e68c1663a5a518ba2f32473b865fc99b26df2c60f
- SHA512
  
  168249a909bed91b2cfb652f6ea069e10104b7dd4d2c5f7601fdb07281587178372c6e0c3d0778c2872305c149e185028323ce341ba287754c63f7da5c5c6b2a
- SSDEEP
  
  1536:v+Pdvqr9PxDtIQI5Fdm+0NpMiNaSUSGy5H9sG8:Yu9ZDtIQI5/mX5aSUE9sG
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion