bdceb2b6b2c10b435048eb19fdb0f22e16d458c97904e1e30291bfc1787c668b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abecec97c237fa1180cb2cd98a5cfa02_JaffaCakes118
Size

302KB
Sample

240819-v3zqvsxaqe
MD5

abecec97c237fa1180cb2cd98a5cfa02
SHA1

cfbab612f0851f81576047b365f415c9fade1e55
SHA256

bdceb2b6b2c10b435048eb19fdb0f22e16d458c97904e1e30291bfc1787c668b
SHA512

ec57ed118dac0df1b38953bd42fb9e2e671c6748312896ceaef2adcbc7543a20fcd6e3e038ef4f795265c180ca0e6eba350fbc80c211098aeb0e13499fbd24b4
SSDEEP

6144:Pzt+0Kg8D9MmBct4mUjAwIwlIEOlIghDE3fHa3NI4iSOn:PpL8pRjAwIS+rlE2R8

Score

7^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  abecec97c237fa1180cb2cd98a5cfa02_JaffaCakes118
- Size
  
  302KB
- MD5
  
  abecec97c237fa1180cb2cd98a5cfa02
- SHA1
  
  cfbab612f0851f81576047b365f415c9fade1e55
- SHA256
  
  bdceb2b6b2c10b435048eb19fdb0f22e16d458c97904e1e30291bfc1787c668b
- SHA512
  
  ec57ed118dac0df1b38953bd42fb9e2e671c6748312896ceaef2adcbc7543a20fcd6e3e038ef4f795265c180ca0e6eba350fbc80c211098aeb0e13499fbd24b4
- SSDEEP
  
  6144:Pzt+0Kg8D9MmBct4mUjAwIwlIEOlIghDE3fHa3NI4iSOn:PpL8pRjAwIS+rlE2R8
Score

7^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2