bf3b8f314bdbedd695ab3180131b9137744c2f4fee03623cce245b895fa75483 | Triage

Sharing

General

Target

61e9e45ca519f91aef43d54ccf64ccc7_JaffaCakes118
Size

169KB
Sample

240721-3rqmta1bmh
MD5

61e9e45ca519f91aef43d54ccf64ccc7
SHA1

85ea303afb94bfe2a44ff1f5cdabda999ded90eb
SHA256

bf3b8f314bdbedd695ab3180131b9137744c2f4fee03623cce245b895fa75483
SHA512

33f61400fd5eeac8f9661a6cceb5119c1987f5d92bc995e85b3970121eb31fb3ae1ae98e422eff755ea218a2f6de463eed316689fe647d4bf023a449b1ac2395
SSDEEP

3072:QT53vk6RrcECsUHa/6YI/kFyhaK7pJNcSmF91wEIkR2h7bd7uaUBr6r:E5fk6eMU9kXK7TG71vi7

Score

10^/10

evasion upx

Malware Config

Targets

- Target
  
  61e9e45ca519f91aef43d54ccf64ccc7_JaffaCakes118
- Size
  
  169KB
- MD5
  
  61e9e45ca519f91aef43d54ccf64ccc7
- SHA1
  
  85ea303afb94bfe2a44ff1f5cdabda999ded90eb
- SHA256
  
  bf3b8f314bdbedd695ab3180131b9137744c2f4fee03623cce245b895fa75483
- SHA512
  
  33f61400fd5eeac8f9661a6cceb5119c1987f5d92bc995e85b3970121eb31fb3ae1ae98e422eff755ea218a2f6de463eed316689fe647d4bf023a449b1ac2395
- SSDEEP
  
  3072:QT53vk6RrcECsUHa/6YI/kFyhaK7pJNcSmF91wEIkR2h7bd7uaUBr6r:E5fk6eMU9kXK7TG71vi7
Score

10^/10

upx evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2