22f2dce0091c297ee7a113ee585f1a2c128c2d019fc48a4abc2a9119f2c8e2a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7e3f6dd6e49696788a5887ca3c398ff_JaffaCakes118
Size

15KB
Sample

240418-nf8a6abe27
MD5

f7e3f6dd6e49696788a5887ca3c398ff
SHA1

aae64c58b15bcce0edb1b0c38832e0f7898003fd
SHA256

22f2dce0091c297ee7a113ee585f1a2c128c2d019fc48a4abc2a9119f2c8e2a8
SHA512

c5849c31f6aaf4ea3638fdef1967a4c5be1a1fef37d728c15f4b319d33b78425fc3f748a4035421b0a9c731a2fbd9139aabb42c4974f7db5516130b88f28b25e
SSDEEP

384:mfDHRSNivj8AKSCDwTBy4TZRXg/jQYlUcDbI:WDHRSNKj8+iwofjQYlU0

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  f7e3f6dd6e49696788a5887ca3c398ff_JaffaCakes118
- Size
  
  15KB
- MD5
  
  f7e3f6dd6e49696788a5887ca3c398ff
- SHA1
  
  aae64c58b15bcce0edb1b0c38832e0f7898003fd
- SHA256
  
  22f2dce0091c297ee7a113ee585f1a2c128c2d019fc48a4abc2a9119f2c8e2a8
- SHA512
  
  c5849c31f6aaf4ea3638fdef1967a4c5be1a1fef37d728c15f4b319d33b78425fc3f748a4035421b0a9c731a2fbd9139aabb42c4974f7db5516130b88f28b25e
- SSDEEP
  
  384:mfDHRSNivj8AKSCDwTBy4TZRXg/jQYlUcDbI:WDHRSNKj8+iwofjQYlU0
Score

8^/10

persistence upx
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2