e9ff586c77b5409d034a16220b3eab0678dcdd0dbfa46fbc1178b360458a155c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

827dbac514ae7ba17752fd631f221294_JaffaCakes118
Size

13KB
Sample

240802-bqme8axbmn
MD5

827dbac514ae7ba17752fd631f221294
SHA1

9a00a11d05fe915203dd3ab951c3e71a37731b6f
SHA256

e9ff586c77b5409d034a16220b3eab0678dcdd0dbfa46fbc1178b360458a155c
SHA512

f5ea69a6f4c78c604c50e3ea2fe35633f076de53a1a3f6209228119316684b3df308af73c8b60063f00abc06a3f76dbc06cc45bd90bc024d849e0d4a395a4ac9
SSDEEP

384:DJ/UCEYtMtlMSylicJ0Oe6U41Ob9l/ymnY0r:1REtlfMJ0JL4lmnp

Score

7^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  827dbac514ae7ba17752fd631f221294_JaffaCakes118
- Size
  
  13KB
- MD5
  
  827dbac514ae7ba17752fd631f221294
- SHA1
  
  9a00a11d05fe915203dd3ab951c3e71a37731b6f
- SHA256
  
  e9ff586c77b5409d034a16220b3eab0678dcdd0dbfa46fbc1178b360458a155c
- SHA512
  
  f5ea69a6f4c78c604c50e3ea2fe35633f076de53a1a3f6209228119316684b3df308af73c8b60063f00abc06a3f76dbc06cc45bd90bc024d849e0d4a395a4ac9
- SSDEEP
  
  384:DJ/UCEYtMtlMSylicJ0Oe6U41Ob9l/ymnY0r:1REtlfMJ0JL4lmnp
Score

7^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx