5cff09a72ecb68ca601d54f3cfda5eb18a662eef3cb654a0b5dda5d6b5c03a35 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d64a2b1e064cf0c28ca49b15df9e212b_JaffaCakes118
Size

21KB
Sample

240909-petbaaxbrq
MD5

d64a2b1e064cf0c28ca49b15df9e212b
SHA1

ba92d08cb05a3b62fcb9d11aecbbb9c731f31796
SHA256

5cff09a72ecb68ca601d54f3cfda5eb18a662eef3cb654a0b5dda5d6b5c03a35
SHA512

5d6bf688d529a6985b32dc008cb28ef0bf937c59d72c9ae9b338a328a99cf9dbf969f4d0b23dd2f64bd42315a6607261672de3c8cce624932b4bad7daa897029
SSDEEP

384:oLWCpCJ6xhNN8S0gPW2KUCphaMTaR3ItDCuV9UAvdOh+/3o:OzZtN8SVKUCpJTaItO4U6di+/

Score

8^/10

discovery evasion execution upx

Malware Config

Targets

- Target
  
  d64a2b1e064cf0c28ca49b15df9e212b_JaffaCakes118
- Size
  
  21KB
- MD5
  
  d64a2b1e064cf0c28ca49b15df9e212b
- SHA1
  
  ba92d08cb05a3b62fcb9d11aecbbb9c731f31796
- SHA256
  
  5cff09a72ecb68ca601d54f3cfda5eb18a662eef3cb654a0b5dda5d6b5c03a35
- SHA512
  
  5d6bf688d529a6985b32dc008cb28ef0bf937c59d72c9ae9b338a328a99cf9dbf969f4d0b23dd2f64bd42315a6607261672de3c8cce624932b4bad7daa897029
- SSDEEP
  
  384:oLWCpCJ6xhNN8S0gPW2KUCphaMTaR3ItDCuV9UAvdOh+/3o:OzZtN8SVKUCpJTaItO4U6di+/
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx