46c6664f17f9b9194052968c36a281cf397630d341100926f14a6ca1622294be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1ffae47e1252db4a4f0d1eefed749b6_JaffaCakes118
Size

41KB
Sample

240907-qbcd2axgjf
MD5

d1ffae47e1252db4a4f0d1eefed749b6
SHA1

141cf29a869f5913deef3ae67682bddd7d5caac7
SHA256

46c6664f17f9b9194052968c36a281cf397630d341100926f14a6ca1622294be
SHA512

60c6f14b99f2f6ab5259f2960075836ef5098bf6b0a9cb61dd3c714f4f0a6b939323c0a2b63c9936e5afa01b22f4ce557f174d53944b5b5432d7d0d1e77d2db3
SSDEEP

768:2YU5bjvqkuEgW21cdC62yxV8rQAKbYAi8kik9MgLtIysQuMObsYVVKFl:2cjEgW2qdLj8luYAi8kiXg5IyvuMOYqa

Score

7^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  d1ffae47e1252db4a4f0d1eefed749b6_JaffaCakes118
- Size
  
  41KB
- MD5
  
  d1ffae47e1252db4a4f0d1eefed749b6
- SHA1
  
  141cf29a869f5913deef3ae67682bddd7d5caac7
- SHA256
  
  46c6664f17f9b9194052968c36a281cf397630d341100926f14a6ca1622294be
- SHA512
  
  60c6f14b99f2f6ab5259f2960075836ef5098bf6b0a9cb61dd3c714f4f0a6b939323c0a2b63c9936e5afa01b22f4ce557f174d53944b5b5432d7d0d1e77d2db3
- SSDEEP
  
  768:2YU5bjvqkuEgW21cdC62yxV8rQAKbYAi8kik9MgLtIysQuMObsYVVKFl:2cjEgW2qdLj8luYAi8kiXg5IyvuMOYqa
Score

7^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx