e65babd034a4f2d17b1eb829ba8c4f65e8fd04d9735bef317e03f1540ea9902a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ddcdf23c508e0726677be3017d9bcaf9_JaffaCakes118
Size

7KB
Sample

240913-gmdlssxern
MD5

ddcdf23c508e0726677be3017d9bcaf9
SHA1

83c077dcefcfa9100f26af337245cb8276d3d4d3
SHA256

e65babd034a4f2d17b1eb829ba8c4f65e8fd04d9735bef317e03f1540ea9902a
SHA512

dec6b485cd6db3c7db2fd29413aa3ba7528404d7f9067c1458656fc55f0c96102522cdb38a17318780aabdf4a8e57c8c140d9d248695bbbb23e8774a97e2929c
SSDEEP

96:MLucHArskKz9IG6DVAl8vLlgxC8Ul97G/AzbnSuPayHKUks:4ucHrkKyC8JVJVPSuH5

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  ddcdf23c508e0726677be3017d9bcaf9_JaffaCakes118
- Size
  
  7KB
- MD5
  
  ddcdf23c508e0726677be3017d9bcaf9
- SHA1
  
  83c077dcefcfa9100f26af337245cb8276d3d4d3
- SHA256
  
  e65babd034a4f2d17b1eb829ba8c4f65e8fd04d9735bef317e03f1540ea9902a
- SHA512
  
  dec6b485cd6db3c7db2fd29413aa3ba7528404d7f9067c1458656fc55f0c96102522cdb38a17318780aabdf4a8e57c8c140d9d248695bbbb23e8774a97e2929c
- SSDEEP
  
  96:MLucHArskKz9IG6DVAl8vLlgxC8Ul97G/AzbnSuPayHKUks:4ucHrkKyC8JVJVPSuH5
Score

8^/10

discovery persistence upx
- Adds policy Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx