50cf556879102805e99e7d10dd67dd1018d456565f7e6cc9042dca2df9dc7bfe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0de764029f3c9cbb169d4e85e94ade45_JaffaCakes118
Size

22KB
Sample

240625-nmyqaszfpn
MD5

0de764029f3c9cbb169d4e85e94ade45
SHA1

9569c09720740c103c77bc9cffe4eb5cbf55a426
SHA256

50cf556879102805e99e7d10dd67dd1018d456565f7e6cc9042dca2df9dc7bfe
SHA512

79484d564cc5e8ed7cd1e3dec7c7655d3ef6bd3ce08a934cc8d55b38a1b1535cad9fa48574d61aed51918a1d3732a095e15146ac10dffcf5bf0d0ab01db9e5b6
SSDEEP

384:VLWCpCJ6x3H747WWnuyb6ldYPVhE11uiioMqz9bYK7n7Ey6hglwo:pzZhH7ab63YPVhXiiP2BXcy6hu

Score

8^/10

evasion execution upx

Malware Config

Targets

- Target
  
  0de764029f3c9cbb169d4e85e94ade45_JaffaCakes118
- Size
  
  22KB
- MD5
  
  0de764029f3c9cbb169d4e85e94ade45
- SHA1
  
  9569c09720740c103c77bc9cffe4eb5cbf55a426
- SHA256
  
  50cf556879102805e99e7d10dd67dd1018d456565f7e6cc9042dca2df9dc7bfe
- SHA512
  
  79484d564cc5e8ed7cd1e3dec7c7655d3ef6bd3ce08a934cc8d55b38a1b1535cad9fa48574d61aed51918a1d3732a095e15146ac10dffcf5bf0d0ab01db9e5b6
- SSDEEP
  
  384:VLWCpCJ6x3H747WWnuyb6ldYPVhE11uiioMqz9bYK7n7Ey6hglwo:pzZhH7ab63YPVhXiiP2BXcy6hu
Score

8^/10

evasion execution upx
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionexecutionupx

behavioral2

evasionexecutionupx