150e99b7247955b4c60ead4f979b8a5c9500ecec84165fba32f3df2d1cced6d6 | Triage

Sharing

General

Target

1265301e45d6721d2b7d2b8263f23c20_JaffaCakes118
Size

100KB
Sample

241004-h9wxbs1fpq
MD5

1265301e45d6721d2b7d2b8263f23c20
SHA1

f46d2fc5f2a5d9bd2ccb24ff458fed608ecb83b8
SHA256

150e99b7247955b4c60ead4f979b8a5c9500ecec84165fba32f3df2d1cced6d6
SHA512

82d3981fe2e4c7689e8c8a3417264cb52a8e9d2d005554bd7599959a8e9543621d211954ad6e4bd79beaab56f34032fd5ad9d86e72849a05d8f792dffbb1dd68
SSDEEP

1536:Er1fEeBh6ssMFaepW15y7oifJIrubBdJDzDQm2JuG1NBlM8Gj5MPH7CU8hqu:EpJBhDJ8ifJIKBdJDz8QOi5MPH7d8

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  1265301e45d6721d2b7d2b8263f23c20_JaffaCakes118
- Size
  
  100KB
- MD5
  
  1265301e45d6721d2b7d2b8263f23c20
- SHA1
  
  f46d2fc5f2a5d9bd2ccb24ff458fed608ecb83b8
- SHA256
  
  150e99b7247955b4c60ead4f979b8a5c9500ecec84165fba32f3df2d1cced6d6
- SHA512
  
  82d3981fe2e4c7689e8c8a3417264cb52a8e9d2d005554bd7599959a8e9543621d211954ad6e4bd79beaab56f34032fd5ad9d86e72849a05d8f792dffbb1dd68
- SSDEEP
  
  1536:Er1fEeBh6ssMFaepW15y7oifJIrubBdJDzDQm2JuG1NBlM8Gj5MPH7CU8hqu:EpJBhDJ8ifJIKBdJDz8QOi5MPH7d8
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion