ffbfb9c592ce34951ba21e3ebafb7d9fd499f3cb7705f39ea96d0bfeda79247e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

178ab538c455c97c7ccec22589226670_JaffaCakes118
Size

439KB
Sample

240627-z1nb9stclr
MD5

178ab538c455c97c7ccec22589226670
SHA1

0c7a9491a60de531dc269b6f9e64f31e4d4051b0
SHA256

ffbfb9c592ce34951ba21e3ebafb7d9fd499f3cb7705f39ea96d0bfeda79247e
SHA512

7d03d6472be4b61068178f2291856a92b3b375a5042c54e85baa291d2697780b4012da7ed26490b71b94fcf26dfb2a89867761ef3f71266576c78ef8a2c26862
SSDEEP

12288:turpcmTzm7bBFmMONr0l39Du8RW1BuTYgewLfBUJQ:urQ3968WGYqN0

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  178ab538c455c97c7ccec22589226670_JaffaCakes118
- Size
  
  439KB
- MD5
  
  178ab538c455c97c7ccec22589226670
- SHA1
  
  0c7a9491a60de531dc269b6f9e64f31e4d4051b0
- SHA256
  
  ffbfb9c592ce34951ba21e3ebafb7d9fd499f3cb7705f39ea96d0bfeda79247e
- SHA512
  
  7d03d6472be4b61068178f2291856a92b3b375a5042c54e85baa291d2697780b4012da7ed26490b71b94fcf26dfb2a89867761ef3f71266576c78ef8a2c26862
- SSDEEP
  
  12288:turpcmTzm7bBFmMONr0l39Du8RW1BuTYgewLfBUJQ:urQ3968WGYqN0
Score

7^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2