8fa0de2b9296a6ab0b7777f6b6fb05712bdda68212d406e5a1029156a96a5f7f | Triage

Sharing

General

Target

041f1207f046ee66f67f5ba799d02edf_JaffaCakes118
Size

380KB
Sample

241001-df4yma1fpg
MD5

041f1207f046ee66f67f5ba799d02edf
SHA1

61ef31c7f3f734d059eb109dd7129c54175d2e77
SHA256

8fa0de2b9296a6ab0b7777f6b6fb05712bdda68212d406e5a1029156a96a5f7f
SHA512

ac06562c5d48377cb0af19e9e4852dffe8965cd0ad3f520ba60cc4c8c6392dbb53348446ee974b7aadf394a67b7558bd83c182bf597070d1f2919b3dc8781620
SSDEEP

6144:safDfPW94DflC1vJHXzh8egd0/2A4wm8b73XP47:sMbxYB3zhAGv4wT7XO

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  041f1207f046ee66f67f5ba799d02edf_JaffaCakes118
- Size
  
  380KB
- MD5
  
  041f1207f046ee66f67f5ba799d02edf
- SHA1
  
  61ef31c7f3f734d059eb109dd7129c54175d2e77
- SHA256
  
  8fa0de2b9296a6ab0b7777f6b6fb05712bdda68212d406e5a1029156a96a5f7f
- SHA512
  
  ac06562c5d48377cb0af19e9e4852dffe8965cd0ad3f520ba60cc4c8c6392dbb53348446ee974b7aadf394a67b7558bd83c182bf597070d1f2919b3dc8781620
- SSDEEP
  
  6144:safDfPW94DflC1vJHXzh8egd0/2A4wm8b73XP47:sMbxYB3zhAGv4wT7XO
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion