e3e0b729e750ba73e5f2e2ff9aa03c11f9f713aef0f210d5e7a0e998dbfb58c4 | Triage

Sharing

General

Target

c963c7aaed6003806c71472061b103e3_JaffaCakes118
Size

244KB
Sample

240829-w8hvzaxcln
MD5

c963c7aaed6003806c71472061b103e3
SHA1

6b28187f9214571ee75d111468ed3364eeaed14e
SHA256

e3e0b729e750ba73e5f2e2ff9aa03c11f9f713aef0f210d5e7a0e998dbfb58c4
SHA512

a65baef4a9ef135929ae3016678012010b262b06bb2c456b169b8b373e33d44323a11615cd204b55d5b5db79fb45ab72866ebd527811f20c3ae22ceaad3a2a26
SSDEEP

6144:d8f59Kb/d4Ax4CO6VOCsevHLIYz+daHTH9XcTba/uu:d8jKLd4ADfdPh+daHI+n

Score

7^/10

defense_evasion discovery persistence upx

Malware Config

Targets

- Target
  
  c963c7aaed6003806c71472061b103e3_JaffaCakes118
- Size
  
  244KB
- MD5
  
  c963c7aaed6003806c71472061b103e3
- SHA1
  
  6b28187f9214571ee75d111468ed3364eeaed14e
- SHA256
  
  e3e0b729e750ba73e5f2e2ff9aa03c11f9f713aef0f210d5e7a0e998dbfb58c4
- SHA512
  
  a65baef4a9ef135929ae3016678012010b262b06bb2c456b169b8b373e33d44323a11615cd204b55d5b5db79fb45ab72866ebd527811f20c3ae22ceaad3a2a26
- SSDEEP
  
  6144:d8f59Kb/d4Ax4CO6VOCsevHLIYz+daHTH9XcTba/uu:d8jKLd4ADfdPh+daHI+n
Score

7^/10

defense_evasion discovery persistence upx
- Impair Defenses: Safe Mode Boot
  defense_evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Safe Mode Boot

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceupx

behavioral2