8b6c56de17dd7332253fd809f69c409ab65d84b17776b3d03a6ea97e2dfe2aa1 | Triage

Sharing

General

Target

102f0576f10ea89f06411e65e9ed81ed_JaffaCakes118
Size

397KB
Sample

241003-xsflca1hkr
MD5

102f0576f10ea89f06411e65e9ed81ed
SHA1

4d038bdabc552d97ac31e537001cec45a4dd512c
SHA256

8b6c56de17dd7332253fd809f69c409ab65d84b17776b3d03a6ea97e2dfe2aa1
SHA512

4dac94dc389012b2e4521a643ca938818af6074fb06103a66920e095666721498f5508c9598e280a982564e474cb064e515356545ccaf405f6f22457f7187c83
SSDEEP

12288:yZfAwROmO5q/o83wlJk2K4UmPaNgVxjvNZAb3m9zTqhnku6+CK+/NtSmSFhlwum/:yZfAwRekwly27UmPaNexjvNZAb3m9zTj

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  102f0576f10ea89f06411e65e9ed81ed_JaffaCakes118
- Size
  
  397KB
- MD5
  
  102f0576f10ea89f06411e65e9ed81ed
- SHA1
  
  4d038bdabc552d97ac31e537001cec45a4dd512c
- SHA256
  
  8b6c56de17dd7332253fd809f69c409ab65d84b17776b3d03a6ea97e2dfe2aa1
- SHA512
  
  4dac94dc389012b2e4521a643ca938818af6074fb06103a66920e095666721498f5508c9598e280a982564e474cb064e515356545ccaf405f6f22457f7187c83
- SSDEEP
  
  12288:yZfAwROmO5q/o83wlJk2K4UmPaNgVxjvNZAb3m9zTqhnku6+CK+/NtSmSFhlwum/:yZfAwRekwly27UmPaNexjvNZAb3m9zTj
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion