21e01de26a1cb4659e770c1a1910140cdcc203fb06694271a4bbeda2ae92c5bf | Triage

Sharing

General

Target

e1a9daaedb4fd9d81391ac3520395db6_JaffaCakes118
Size

21KB
Sample

240915-ekm2cavdrn
MD5

e1a9daaedb4fd9d81391ac3520395db6
SHA1

14b9ed056baead8db7b6ebd4d2d5165c1c013ea6
SHA256

21e01de26a1cb4659e770c1a1910140cdcc203fb06694271a4bbeda2ae92c5bf
SHA512

927efd5fbd540be7211fa359b1b6f936ecb414bdce9b47fe61239321e39ee5094cf7d91945cd231efeca1fc81fbe2a1dec0dc688ee5c9ec9299d952a11a9d0fd
SSDEEP

384:OLWCpCJ6x37z8MxLvLW9GhOEv+fmuhx+VqC0eWPpnwDL9ADemjx5uo:8zZhFxLDW9Gc9fmuhxKqCCyL93mP

Score

8^/10

discovery evasion execution upx

Malware Config

Targets

- Target
  
  e1a9daaedb4fd9d81391ac3520395db6_JaffaCakes118
- Size
  
  21KB
- MD5
  
  e1a9daaedb4fd9d81391ac3520395db6
- SHA1
  
  14b9ed056baead8db7b6ebd4d2d5165c1c013ea6
- SHA256
  
  21e01de26a1cb4659e770c1a1910140cdcc203fb06694271a4bbeda2ae92c5bf
- SHA512
  
  927efd5fbd540be7211fa359b1b6f936ecb414bdce9b47fe61239321e39ee5094cf7d91945cd231efeca1fc81fbe2a1dec0dc688ee5c9ec9299d952a11a9d0fd
- SSDEEP
  
  384:OLWCpCJ6x37z8MxLvLW9GhOEv+fmuhx+VqC0eWPpnwDL9ADemjx5uo:8zZhFxLDW9Gc9fmuhxKqCCyL93mP
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx