1597c815270944fe3aebf78efceeb993bd05ebf195ea9f114c8eed6e87645a8b | Triage

Sharing

General

Target

764af53327dd6512d3406f4174441bfc_JaffaCakes118
Size

58KB
Sample

240727-aa6ngswgja
MD5

764af53327dd6512d3406f4174441bfc
SHA1

100375a08d61bbc7416e19f210e2958b9a49c96e
SHA256

1597c815270944fe3aebf78efceeb993bd05ebf195ea9f114c8eed6e87645a8b
SHA512

c59b480fab569fba1f784e76af780845645364d2474975d97ae88363ab78bbc878cf18163b6ccfd8933f4102c663953fba93aefe82211c42ef940c7d33f66e2a
SSDEEP

384:eJgBe3oxskFLo1oMV1DE/SlVO/9vC/svR6FWH89PHP8sRRovp5VNGBK3/MasYMQw:Re3oxsMoX5Q9vC/IR4LdkNp4uMQM

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  764af53327dd6512d3406f4174441bfc_JaffaCakes118
- Size
  
  58KB
- MD5
  
  764af53327dd6512d3406f4174441bfc
- SHA1
  
  100375a08d61bbc7416e19f210e2958b9a49c96e
- SHA256
  
  1597c815270944fe3aebf78efceeb993bd05ebf195ea9f114c8eed6e87645a8b
- SHA512
  
  c59b480fab569fba1f784e76af780845645364d2474975d97ae88363ab78bbc878cf18163b6ccfd8933f4102c663953fba93aefe82211c42ef940c7d33f66e2a
- SSDEEP
  
  384:eJgBe3oxskFLo1oMV1DE/SlVO/9vC/svR6FWH89PHP8sRRovp5VNGBK3/MasYMQw:Re3oxsMoX5Q9vC/IR4LdkNp4uMQM
Score

8^/10

persistence upx discovery
- Server Software Component: Terminal Services DLL
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceupx