4bb49891b37e210d5930df88ca8cf1fd8b7ebd8a5fbee4173386f391e2f21db7 | Triage

Sharing

General

Target

fb989a8c2c304c1d9d3eda7d422ce355_JaffaCakes118
Size

280KB
Sample

240928-f4252sygrq
MD5

fb989a8c2c304c1d9d3eda7d422ce355
SHA1

dcd1c3d7efaff5da58ecb8d8cfdd89aaf685d1a9
SHA256

4bb49891b37e210d5930df88ca8cf1fd8b7ebd8a5fbee4173386f391e2f21db7
SHA512

24707ea218f4f07957a5bdc21def0f5b45489699cd1ab61d989360c3100f9831567bc670d4fc5754488f67040d95fdbabde690df4cd7fb7f14b7990ab3ee24c7
SSDEEP

1536:7z43i6EJ02LyV3kFdp+0zI1ZBjhRDmmHeIcinLJcoHQHP3i6EJ02LyV3rEemkp6E:7zLyV3kF21im+YLxLyV3Iemzak7g86

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  fb989a8c2c304c1d9d3eda7d422ce355_JaffaCakes118
- Size
  
  280KB
- MD5
  
  fb989a8c2c304c1d9d3eda7d422ce355
- SHA1
  
  dcd1c3d7efaff5da58ecb8d8cfdd89aaf685d1a9
- SHA256
  
  4bb49891b37e210d5930df88ca8cf1fd8b7ebd8a5fbee4173386f391e2f21db7
- SHA512
  
  24707ea218f4f07957a5bdc21def0f5b45489699cd1ab61d989360c3100f9831567bc670d4fc5754488f67040d95fdbabde690df4cd7fb7f14b7990ab3ee24c7
- SSDEEP
  
  1536:7z43i6EJ02LyV3kFdp+0zI1ZBjhRDmmHeIcinLJcoHQHP3i6EJ02LyV3rEemkp6E:7zLyV3kF21im+YLxLyV3Iemzak7g86
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion