d48b295654d8a04bcd1c54302f125ca2dc4818ec3c61b5bb5d69984fadc43156 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a55827f96bdb067ef921c9b662affb48_JaffaCakes118
Size

68KB
Sample

240818-et27mavdjg
MD5

a55827f96bdb067ef921c9b662affb48
SHA1

a364fbe20b63d114cdba2c06913bffd9f86add50
SHA256

d48b295654d8a04bcd1c54302f125ca2dc4818ec3c61b5bb5d69984fadc43156
SHA512

4d17f61d5e81bf2310d64cd343166b1b65e98f1ba201cf50b42d14f1a1d1a2a66e5c74e66e631bd5faa98c3465519ddaa3ae07e5cfbc57270490a26da236988e
SSDEEP

1536:kc/Nks/QqccfV9HS2Ad3k5a7QD3wOaF2hsQTLk7yoYwXsvmnO:kcVkAQ7oS2W6T44TLkMfmO

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  a55827f96bdb067ef921c9b662affb48_JaffaCakes118
- Size
  
  68KB
- MD5
  
  a55827f96bdb067ef921c9b662affb48
- SHA1
  
  a364fbe20b63d114cdba2c06913bffd9f86add50
- SHA256
  
  d48b295654d8a04bcd1c54302f125ca2dc4818ec3c61b5bb5d69984fadc43156
- SHA512
  
  4d17f61d5e81bf2310d64cd343166b1b65e98f1ba201cf50b42d14f1a1d1a2a66e5c74e66e631bd5faa98c3465519ddaa3ae07e5cfbc57270490a26da236988e
- SSDEEP
  
  1536:kc/Nks/QqccfV9HS2Ad3k5a7QD3wOaF2hsQTLk7yoYwXsvmnO:kcVkAQ7oS2W6T44TLkMfmO
Score

8^/10

persistence upx discovery
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceupx