c1cff9b10af37109bc66ab5d01dbb90f0ac9f0256ffae2f1b03299796c9b4911 | Triage

Sharing

General

Target

147dfb71f301104787c8dc71efd765ce_JaffaCakes118
Size

198KB
Sample

241004-w79x3atglg
MD5

147dfb71f301104787c8dc71efd765ce
SHA1

92c1d71aa2e9321c32afef942eb22358d6de1c6d
SHA256

c1cff9b10af37109bc66ab5d01dbb90f0ac9f0256ffae2f1b03299796c9b4911
SHA512

ade39cdad638b95db65f1e7ff46bb6f517cd3fe49d366b9a92a8093099ea7e6d5f76c5d3e000f4a7d5e7eaccc2eb2765b0d6ef963a4f9f901c90a3b39a519fea
SSDEEP

3072:SE/CNupNvDnLnk7BGJGUm9CdhXNKxt99OI1DDUPbyupAfzbdCWcidBSU:pqNuPL47srm9Cd7itLOcDDBrbt3+U

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  147dfb71f301104787c8dc71efd765ce_JaffaCakes118
- Size
  
  198KB
- MD5
  
  147dfb71f301104787c8dc71efd765ce
- SHA1
  
  92c1d71aa2e9321c32afef942eb22358d6de1c6d
- SHA256
  
  c1cff9b10af37109bc66ab5d01dbb90f0ac9f0256ffae2f1b03299796c9b4911
- SHA512
  
  ade39cdad638b95db65f1e7ff46bb6f517cd3fe49d366b9a92a8093099ea7e6d5f76c5d3e000f4a7d5e7eaccc2eb2765b0d6ef963a4f9f901c90a3b39a519fea
- SSDEEP
  
  3072:SE/CNupNvDnLnk7BGJGUm9CdhXNKxt99OI1DDUPbyupAfzbdCWcidBSU:pqNuPL47srm9Cd7itLOcDDBrbt3+U
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion