a927ec5b1c0f4fdeb02fb32183951d186459b20746a1cf475e9cce39c3e06e9c | Triage

Sharing

General

Target

ed07ee99969101e95ede917084b4950a_JaffaCakes118
Size

548KB
Sample

240920-hejcratbjc
MD5

ed07ee99969101e95ede917084b4950a
SHA1

56ba47fc5de16bf754cb844c98c96099dbd087b9
SHA256

a927ec5b1c0f4fdeb02fb32183951d186459b20746a1cf475e9cce39c3e06e9c
SHA512

68f2a6e1beb77b2d10e01f62088d5d8b101a95f4726d3fe2b4c58868749c3ef29fcfae2fdb6ebadacff4844b6d96f9b91572e58cec8e28fb79f8871103da91f5
SSDEEP

12288:4ff4aSTO3VCTjvnZ/oWFHcX7EBm/XbMdmAGzyeAGyIraSMmiE:44azCnntA7oHHeAQraSMmi

Score

10^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  ed07ee99969101e95ede917084b4950a_JaffaCakes118
- Size
  
  548KB
- MD5
  
  ed07ee99969101e95ede917084b4950a
- SHA1
  
  56ba47fc5de16bf754cb844c98c96099dbd087b9
- SHA256
  
  a927ec5b1c0f4fdeb02fb32183951d186459b20746a1cf475e9cce39c3e06e9c
- SHA512
  
  68f2a6e1beb77b2d10e01f62088d5d8b101a95f4726d3fe2b4c58868749c3ef29fcfae2fdb6ebadacff4844b6d96f9b91572e58cec8e28fb79f8871103da91f5
- SSDEEP
  
  12288:4ff4aSTO3VCTjvnZ/oWFHcX7EBm/XbMdmAGzyeAGyIraSMmiE:44azCnntA7oHHeAQraSMmi
Score

10^/10

discovery persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2