9dbd28fd3a2145514cc55b493593a7630f47342c64141e66d127108e8d3b88c3 | Triage

Sharing

General

Target

08490ce30cbc82edf20b0052580e9524_JaffaCakes118
Size

194KB
Sample

241002-b19cqs1bnp
MD5

08490ce30cbc82edf20b0052580e9524
SHA1

1579654b1a86f25ef51bd422c33c3d1624ebfd26
SHA256

9dbd28fd3a2145514cc55b493593a7630f47342c64141e66d127108e8d3b88c3
SHA512

f188c00cbe7bbb451deffb8ebfdc0f004fdad314164aa9df11a1b875440ab53f81bc9a8a5f5bbbf82e2cda6cd850d439b599ea7335808bad41b328cd1b81faec
SSDEEP

1536:YawOnbNQKLjWDyy1oHRefYMJUEbooPRrKKRl1P39QLjBjkk7NWAt/JhH:YYNQKPWDylRefVJltZrpRl1P39QjNbx

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  08490ce30cbc82edf20b0052580e9524_JaffaCakes118
- Size
  
  194KB
- MD5
  
  08490ce30cbc82edf20b0052580e9524
- SHA1
  
  1579654b1a86f25ef51bd422c33c3d1624ebfd26
- SHA256
  
  9dbd28fd3a2145514cc55b493593a7630f47342c64141e66d127108e8d3b88c3
- SHA512
  
  f188c00cbe7bbb451deffb8ebfdc0f004fdad314164aa9df11a1b875440ab53f81bc9a8a5f5bbbf82e2cda6cd850d439b599ea7335808bad41b328cd1b81faec
- SSDEEP
  
  1536:YawOnbNQKLjWDyy1oHRefYMJUEbooPRrKKRl1P39QLjBjkk7NWAt/JhH:YYNQKPWDylRefVJltZrpRl1P39QjNbx
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion