d173150f1dccfa57790e9bae02598ebc620a3b2775d025ff370072f061a30374 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d36ae5fcfbb000dcc26e8d6a9b94abe0_JaffaCakes118
Size

21KB
Sample

240908-dwfkzasgmr
MD5

d36ae5fcfbb000dcc26e8d6a9b94abe0
SHA1

3eabb6be99f934dd457652a3f58a9db6a9a5e162
SHA256

d173150f1dccfa57790e9bae02598ebc620a3b2775d025ff370072f061a30374
SHA512

dc1c7ef7dc478168ca319fe0853c1f6d868fde5bfd501dccd0dd2829aba38e7939cdc3935dcba0741565fd6252b15f488d8d85842c17df0f78069fb67ecb85df
SSDEEP

384:nLWCpCJ6xhNN8S0gPW2KUCphaMTaR3ItDCuV9UAvdOh+/3o:LzZtN8SVKUCpJTaItO4U6di+/

Score

8^/10

discovery evasion execution upx

Malware Config

Targets

- Target
  
  d36ae5fcfbb000dcc26e8d6a9b94abe0_JaffaCakes118
- Size
  
  21KB
- MD5
  
  d36ae5fcfbb000dcc26e8d6a9b94abe0
- SHA1
  
  3eabb6be99f934dd457652a3f58a9db6a9a5e162
- SHA256
  
  d173150f1dccfa57790e9bae02598ebc620a3b2775d025ff370072f061a30374
- SHA512
  
  dc1c7ef7dc478168ca319fe0853c1f6d868fde5bfd501dccd0dd2829aba38e7939cdc3935dcba0741565fd6252b15f488d8d85842c17df0f78069fb67ecb85df
- SSDEEP
  
  384:nLWCpCJ6xhNN8S0gPW2KUCphaMTaR3ItDCuV9UAvdOh+/3o:LzZtN8SVKUCpJTaItO4U6di+/
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx