4feb7585b4af0fb24c2b05de90ac4e80aea9f42ae9972cf083b1c5963de0530e | Triage

Sharing

General

Target

ed3e95417cf053f0d865cb4150b51495_JaffaCakes118
Size

62KB
Sample

240920-ksvztayame
MD5

ed3e95417cf053f0d865cb4150b51495
SHA1

d8886fc16c4004847dbb32511f761c82db0ab24c
SHA256

4feb7585b4af0fb24c2b05de90ac4e80aea9f42ae9972cf083b1c5963de0530e
SHA512

8eeeb518364ec9ebdf196d3e74bd1985c8085e55432dbfa3ad7483d98a88008e7cd905ef47b66d7a04c8f8325f46a096f2eb12f29f32a02b0fbac2c1da6dbdbf
SSDEEP

768:AJ2e7fsKSW5dArLGOC2dTBybQPTjjpU5AequWD2EpHycVmC8D9O8I:GTnjAeh2dMb43NequWD2EpSnZO

Score

10^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  ed3e95417cf053f0d865cb4150b51495_JaffaCakes118
- Size
  
  62KB
- MD5
  
  ed3e95417cf053f0d865cb4150b51495
- SHA1
  
  d8886fc16c4004847dbb32511f761c82db0ab24c
- SHA256
  
  4feb7585b4af0fb24c2b05de90ac4e80aea9f42ae9972cf083b1c5963de0530e
- SHA512
  
  8eeeb518364ec9ebdf196d3e74bd1985c8085e55432dbfa3ad7483d98a88008e7cd905ef47b66d7a04c8f8325f46a096f2eb12f29f32a02b0fbac2c1da6dbdbf
- SSDEEP
  
  768:AJ2e7fsKSW5dArLGOC2dTBybQPTjjpU5AequWD2EpHycVmC8D9O8I:GTnjAeh2dMb43NequWD2EpSnZO
Score

10^/10

discovery persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2