cb0d3ae1b2619e17b1bacb697eecb81a41412cfdcba8fd3cd983d8ba28ba52e3 | Triage

Sharing

General

Target

fb966e96a5244f591d5ffcd4b3963cc0_JaffaCakes118
Size

96KB
Sample

240928-f1mk7ayflj
MD5

fb966e96a5244f591d5ffcd4b3963cc0
SHA1

77d52171dcd666417707d1a33670befc32eaccb3
SHA256

cb0d3ae1b2619e17b1bacb697eecb81a41412cfdcba8fd3cd983d8ba28ba52e3
SHA512

7b3abaa6c1d90d63a6d7099c556ed1c3af4c9e27a22b992beff29b10850c7a2519a22f657ef59899ec613b704a527612c646654d4cdb0336f0053c3a432e1a87
SSDEEP

1536:6HjRAtownpa6YZ+t5gKFu8BpSUxaBXnO8zlEJKjwPkaibQre51BYbn9/xM:6H9EVnUjUR1uXOklEnPkaikScnL

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  fb966e96a5244f591d5ffcd4b3963cc0_JaffaCakes118
- Size
  
  96KB
- MD5
  
  fb966e96a5244f591d5ffcd4b3963cc0
- SHA1
  
  77d52171dcd666417707d1a33670befc32eaccb3
- SHA256
  
  cb0d3ae1b2619e17b1bacb697eecb81a41412cfdcba8fd3cd983d8ba28ba52e3
- SHA512
  
  7b3abaa6c1d90d63a6d7099c556ed1c3af4c9e27a22b992beff29b10850c7a2519a22f657ef59899ec613b704a527612c646654d4cdb0336f0053c3a432e1a87
- SSDEEP
  
  1536:6HjRAtownpa6YZ+t5gKFu8BpSUxaBXnO8zlEJKjwPkaibQre51BYbn9/xM:6H9EVnUjUR1uXOklEnPkaikScnL
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion