85aa498509e537b4b0ddf89bbed4782d22bd262eb97abd4c8c67777447383e3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e9beaa23bf629f1cb88cbccb169bd4c_JaffaCakes118
Size

33KB
Sample

240712-x97q6axclj
MD5

3e9beaa23bf629f1cb88cbccb169bd4c
SHA1

74257fcb35d5bbcb3ca3961a600b0894cb33324a
SHA256

85aa498509e537b4b0ddf89bbed4782d22bd262eb97abd4c8c67777447383e3d
SHA512

5fcff6d7a3362b1174510a2c69ed8a9e1509775d69b76b291907afb64d7089c8d396ac895bdb267d5451ddf7dd76830c95ee981e3a2df340b0048dc739175f0d
SSDEEP

768:im7rz42odzHdoka2wjkYl3FnUTtLJo3c7oiP9yY3A3fZ:im7rz42M9JjwIM3RmtLJo3ClP9yY3A3B

Score

10^/10

evasion execution upx

Malware Config

Targets

- Target
  
  3e9beaa23bf629f1cb88cbccb169bd4c_JaffaCakes118
- Size
  
  33KB
- MD5
  
  3e9beaa23bf629f1cb88cbccb169bd4c
- SHA1
  
  74257fcb35d5bbcb3ca3961a600b0894cb33324a
- SHA256
  
  85aa498509e537b4b0ddf89bbed4782d22bd262eb97abd4c8c67777447383e3d
- SHA512
  
  5fcff6d7a3362b1174510a2c69ed8a9e1509775d69b76b291907afb64d7089c8d396ac895bdb267d5451ddf7dd76830c95ee981e3a2df340b0048dc739175f0d
- SSDEEP
  
  768:im7rz42odzHdoka2wjkYl3FnUTtLJo3c7oiP9yY3A3fZ:im7rz42M9JjwIM3RmtLJo3ClP9yY3A3B
Score

10^/10

evasion execution upx
- Disables service(s)
  evasion execution
- Stops running service(s)
  evasion execution
- Deletes itself
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionexecutionupx

behavioral2

evasionexecutionupx