1026fe9f4c715a0296694c44524a386708b2b501b3dfb60e32c2b25cc1a8defa | Triage

Sharing

General

Target

efc36284b15f5b29a10450279bea80ed_JaffaCakes118
Size

94KB
Sample

240921-pclhna1era
MD5

efc36284b15f5b29a10450279bea80ed
SHA1

968e0601ac081da86f20f32f41e96fcb2b09ecea
SHA256

1026fe9f4c715a0296694c44524a386708b2b501b3dfb60e32c2b25cc1a8defa
SHA512

e0e199aed1a9a7fa90f62f4580ea228bace221b27ba1e221ff23af74c072cafd2fccc88521df1a35c0972434d48c7b68e1123a292d94a63c4e4c30f51a23d967
SSDEEP

1536:7wOnbNQKLjWDyy1oRI0foMJUEbooPRrKKReFX3joyM4Hszty+k:xNQKPWDyHI0fFJltZrpReFX3fM4Mp

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  efc36284b15f5b29a10450279bea80ed_JaffaCakes118
- Size
  
  94KB
- MD5
  
  efc36284b15f5b29a10450279bea80ed
- SHA1
  
  968e0601ac081da86f20f32f41e96fcb2b09ecea
- SHA256
  
  1026fe9f4c715a0296694c44524a386708b2b501b3dfb60e32c2b25cc1a8defa
- SHA512
  
  e0e199aed1a9a7fa90f62f4580ea228bace221b27ba1e221ff23af74c072cafd2fccc88521df1a35c0972434d48c7b68e1123a292d94a63c4e4c30f51a23d967
- SSDEEP
  
  1536:7wOnbNQKLjWDyy1oRI0foMJUEbooPRrKKReFX3joyM4Hszty+k:xNQKPWDyHI0fFJltZrpReFX3fM4Mp
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion