2e8a700a2924684d6e5a8a523c0514ce631e37adb156f68d2e62f097628c528c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94cf37130a9a097852759940057ee3e9_JaffaCakes118
Size

746KB
Sample

240813-1b2n2a1gql
MD5

94cf37130a9a097852759940057ee3e9
SHA1

6cf5959b6b0bf1086b9ea69627c23baa853a822a
SHA256

2e8a700a2924684d6e5a8a523c0514ce631e37adb156f68d2e62f097628c528c
SHA512

9862ce4e0b5cc7f70ef6dab58ca21865a8c3e53a4cfc78dd039dacdec3b09816d5b7df162876c759505a0c167b422389494e11d62b1aafe5c0ebbf77f5ee068c
SSDEEP

12288:R2IL7JaZ/qzImJ0mSoorKu2txNVVoWqUqA1Bh8TjI0vpntZq0F:RTL9hzImJHSo5tNVVo7Uhrh8v7tZ

Score

8^/10

defense_evasion discovery evasion persistence upx

Malware Config

Targets

- Target
  
  94cf37130a9a097852759940057ee3e9_JaffaCakes118
- Size
  
  746KB
- MD5
  
  94cf37130a9a097852759940057ee3e9
- SHA1
  
  6cf5959b6b0bf1086b9ea69627c23baa853a822a
- SHA256
  
  2e8a700a2924684d6e5a8a523c0514ce631e37adb156f68d2e62f097628c528c
- SHA512
  
  9862ce4e0b5cc7f70ef6dab58ca21865a8c3e53a4cfc78dd039dacdec3b09816d5b7df162876c759505a0c167b422389494e11d62b1aafe5c0ebbf77f5ee068c
- SSDEEP
  
  12288:R2IL7JaZ/qzImJ0mSoorKu2txNVVoWqUqA1Bh8TjI0vpntZq0F:RTL9hzImJHSo5tNVVo7Uhrh8v7tZ
Score

8^/10

defense_evasion discovery evasion persistence upx
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryevasionpersistenceupx

behavioral2

defense_evasiondiscoveryevasionpersistenceupx