7d3a812df79156d4de9bcc839c3da604c2feb764944835941a15bc4a1ea31e93 | Triage

Sharing

General

Target

ef24d09ec7f18f277c99b1fa6d847709_JaffaCakes118
Size

57KB
Sample

240921-f32swswhqh
MD5

ef24d09ec7f18f277c99b1fa6d847709
SHA1

729d7f68b9784d96dc0d1420a4b4c70d98867ec5
SHA256

7d3a812df79156d4de9bcc839c3da604c2feb764944835941a15bc4a1ea31e93
SHA512

c6519d7b0b29f70db966252052737b47a3cc1c1965d4e0493fb82d9cb310595f05e5a0a47488b84cb8e2dca0d0c03baf829e5dfec53f3b1337543316ce5db296
SSDEEP

1536:ICKoLD+h/84UimkdxMKPuDIuqwcIl9Pa/4Fzw4lAJZ:ICKomy45ZvzwcI3aEmZ

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ef24d09ec7f18f277c99b1fa6d847709_JaffaCakes118
- Size
  
  57KB
- MD5
  
  ef24d09ec7f18f277c99b1fa6d847709
- SHA1
  
  729d7f68b9784d96dc0d1420a4b4c70d98867ec5
- SHA256
  
  7d3a812df79156d4de9bcc839c3da604c2feb764944835941a15bc4a1ea31e93
- SHA512
  
  c6519d7b0b29f70db966252052737b47a3cc1c1965d4e0493fb82d9cb310595f05e5a0a47488b84cb8e2dca0d0c03baf829e5dfec53f3b1337543316ce5db296
- SSDEEP
  
  1536:ICKoLD+h/84UimkdxMKPuDIuqwcIl9Pa/4Fzw4lAJZ:ICKomy45ZvzwcI3aEmZ
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion