78ab7dced1e3f1bde18820a3144875178fa3b88008d4326b6e06999c79f7a78b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

304bdb189d071080d4ad34af193187cf_JaffaCakes118
Size

167KB
Sample

240709-n7tbbatank
MD5

304bdb189d071080d4ad34af193187cf
SHA1

e3f585ca1e0f7734429db7020a94d69116c5c1f7
SHA256

78ab7dced1e3f1bde18820a3144875178fa3b88008d4326b6e06999c79f7a78b
SHA512

df0941f617154d79b9f9c80509f75bbea1393356e34df90afa1a1ff22e6b5d6213d34a2d098f377c16f5326ea85b0553cfe8a08820c174caaaab3a64f52eabf4
SSDEEP

3072:8wHi+R3eBewbLFjWqNxg5X2M1GrO7P/aOs1eJkeS3jENZAlIeE6/6/Rs/:vzsbLFLNxgp2qS8keSzEolIeEnW

Score

10^/10

evasion upx

Malware Config

Targets

- Target
  
  304bdb189d071080d4ad34af193187cf_JaffaCakes118
- Size
  
  167KB
- MD5
  
  304bdb189d071080d4ad34af193187cf
- SHA1
  
  e3f585ca1e0f7734429db7020a94d69116c5c1f7
- SHA256
  
  78ab7dced1e3f1bde18820a3144875178fa3b88008d4326b6e06999c79f7a78b
- SHA512
  
  df0941f617154d79b9f9c80509f75bbea1393356e34df90afa1a1ff22e6b5d6213d34a2d098f377c16f5326ea85b0553cfe8a08820c174caaaab3a64f52eabf4
- SSDEEP
  
  3072:8wHi+R3eBewbLFjWqNxg5X2M1GrO7P/aOs1eJkeS3jENZAlIeE6/6/Rs/:vzsbLFLNxgp2qS8keSzEolIeEnW
Score

10^/10

upx evasion
- Modifies firewall policy service
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2