e4f45a05239ce46b8d601e42db9fb50f5903a50f3bba995203c4aa76be8f6d29 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c366035b10763c90f74d999f5071d44_JaffaCakes118
Size

40KB
Sample

240719-q59xdsxgke
MD5

5c366035b10763c90f74d999f5071d44
SHA1

6f21dce96a65417c62c87d34699e3617916912fc
SHA256

e4f45a05239ce46b8d601e42db9fb50f5903a50f3bba995203c4aa76be8f6d29
SHA512

a80ab65021ec1e9b425c12119456d9cc447de7006c0c83bd5fe9f6219ba7940615b9fa79552e30e603730080097ce5bdbcb616fbe0f0008e679e772d50a52f86
SSDEEP

768:mhZOvYwa7Dv+cXUtERUYL41+RURjkx1zemiIZtnN4FbaJgrxeoY:mhs/ymcFRUW4pNoIgrCOSeoY

Score

10^/10

evasion upx

Malware Config

Targets

- Target
  
  5c366035b10763c90f74d999f5071d44_JaffaCakes118
- Size
  
  40KB
- MD5
  
  5c366035b10763c90f74d999f5071d44
- SHA1
  
  6f21dce96a65417c62c87d34699e3617916912fc
- SHA256
  
  e4f45a05239ce46b8d601e42db9fb50f5903a50f3bba995203c4aa76be8f6d29
- SHA512
  
  a80ab65021ec1e9b425c12119456d9cc447de7006c0c83bd5fe9f6219ba7940615b9fa79552e30e603730080097ce5bdbcb616fbe0f0008e679e772d50a52f86
- SSDEEP
  
  768:mhZOvYwa7Dv+cXUtERUYL41+RURjkx1zemiIZtnN4FbaJgrxeoY:mhs/ymcFRUW4pNoIgrCOSeoY
Score

10^/10

evasion upx
- Modifies firewall policy service
  evasion
- Deletes itself
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2