bc371d123606572ce4ca188187794bf583c5f4be4733a7da9fac607cb665d80f | Triage

Sharing

General

Target

c183c7966e98f726bb472e20febed366_JaffaCakes118
Size

21KB
Sample

240825-y91hhstblh
MD5

c183c7966e98f726bb472e20febed366
SHA1

159d6fb5bdda86f8966e458fc0eef590eb255125
SHA256

bc371d123606572ce4ca188187794bf583c5f4be4733a7da9fac607cb665d80f
SHA512

2f5e38d03ee2f83f90a6dd7b5d610d4c3c877636ba981286324e116b0c560deab9d931cd07842593bd8b2a8d69433ae58d857a53470c273e8c69d5e62a4d870b
SSDEEP

384:ELWCpCJ6x37z8MxLvLW9GhOEv+fmuhx+VqC0eWPpnwDL9ADemjx5uo:izZhFxLDW9Gc9fmuhxKqCCyL93mP

Score

8^/10

discovery evasion execution upx

Malware Config

Targets

- Target
  
  c183c7966e98f726bb472e20febed366_JaffaCakes118
- Size
  
  21KB
- MD5
  
  c183c7966e98f726bb472e20febed366
- SHA1
  
  159d6fb5bdda86f8966e458fc0eef590eb255125
- SHA256
  
  bc371d123606572ce4ca188187794bf583c5f4be4733a7da9fac607cb665d80f
- SHA512
  
  2f5e38d03ee2f83f90a6dd7b5d610d4c3c877636ba981286324e116b0c560deab9d931cd07842593bd8b2a8d69433ae58d857a53470c273e8c69d5e62a4d870b
- SSDEEP
  
  384:ELWCpCJ6x37z8MxLvLW9GhOEv+fmuhx+VqC0eWPpnwDL9ADemjx5uo:izZhFxLDW9Gc9fmuhxKqCCyL93mP
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx