a5f20bec55bc246ed90fc497e59d6ebc150401c4c01f3dc9a6aae3c187fd1d6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab3ba903192d8813140d702184e69a94_JaffaCakes118
Size

144KB
Sample

240819-qw5lbaxalg
MD5

ab3ba903192d8813140d702184e69a94
SHA1

332f0330deae74e57a1b7d971701fa8a7d5f41bc
SHA256

a5f20bec55bc246ed90fc497e59d6ebc150401c4c01f3dc9a6aae3c187fd1d6d
SHA512

bf53fb426cb62d40fb4d80ae04c2fd2ba849c7f3607704f7b93ce5647574f8873006ccd8010ac35e136b5c2791a3714e78a5b21271e92ce0befda0f8b75d563d
SSDEEP

3072:Rlu6S6REGfwyDl/6pnMduTUmN2voF/qZg8AkJ5Wq1R:e6SSLRlSdTd2Aw6NkJ5Wqj

Score

10^/10

discovery evasion trojan upx

Malware Config

Targets

- Target
  
  ab3ba903192d8813140d702184e69a94_JaffaCakes118
- Size
  
  144KB
- MD5
  
  ab3ba903192d8813140d702184e69a94
- SHA1
  
  332f0330deae74e57a1b7d971701fa8a7d5f41bc
- SHA256
  
  a5f20bec55bc246ed90fc497e59d6ebc150401c4c01f3dc9a6aae3c187fd1d6d
- SHA512
  
  bf53fb426cb62d40fb4d80ae04c2fd2ba849c7f3607704f7b93ce5647574f8873006ccd8010ac35e136b5c2791a3714e78a5b21271e92ce0befda0f8b75d563d
- SSDEEP
  
  3072:Rlu6S6REGfwyDl/6pnMduTUmN2voF/qZg8AkJ5Wq1R:e6SSLRlSdTd2Aw6NkJ5Wqj
Score

10^/10

discovery evasion trojan upx
- UAC bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasiontrojanupx