7f79eee0de7e3cbbe96bfbc27427c8e9104f7a12d46dd08db53d33f5f9fa72c5 | Triage

Sharing

General

Target

4542b638a531b84eefdbb6a2ec91d593_JaffaCakes118
Size

51KB
Sample

240714-llfrzsvepl
MD5

4542b638a531b84eefdbb6a2ec91d593
SHA1

d9600be4efcbc940f27ad6ad21ae75347d3c7e2f
SHA256

7f79eee0de7e3cbbe96bfbc27427c8e9104f7a12d46dd08db53d33f5f9fa72c5
SHA512

c4aac59d3fe6f8f541cabfcc900b8092c7af6a35b898fce017040e42610b0ab5d4b68d3e8ca7e5ff807ac28a29f8c3cf43265f89086a3ef818127b120c387428
SSDEEP

1536:WO6s8DvXF60KwC3c9u9dXe+T73gujHnouy8w:WO6s8zg0Guu9dX9wujHoutw

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  4542b638a531b84eefdbb6a2ec91d593_JaffaCakes118
- Size
  
  51KB
- MD5
  
  4542b638a531b84eefdbb6a2ec91d593
- SHA1
  
  d9600be4efcbc940f27ad6ad21ae75347d3c7e2f
- SHA256
  
  7f79eee0de7e3cbbe96bfbc27427c8e9104f7a12d46dd08db53d33f5f9fa72c5
- SHA512
  
  c4aac59d3fe6f8f541cabfcc900b8092c7af6a35b898fce017040e42610b0ab5d4b68d3e8ca7e5ff807ac28a29f8c3cf43265f89086a3ef818127b120c387428
- SSDEEP
  
  1536:WO6s8DvXF60KwC3c9u9dXe+T73gujHnouy8w:WO6s8zg0Guu9dX9wujHoutw
Score

7^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2