c75b2c5118953694a231077e66a22eb36594f997ae023a0f63ed98374f8cdfd0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef5d14241cf297dc32474392ed981e90_JaffaCakes118
Size

33KB
Sample

240921-jtavlasbmb
MD5

ef5d14241cf297dc32474392ed981e90
SHA1

3c803cf6bb305e478177c0ccf8f3c5a1bd76ac51
SHA256

c75b2c5118953694a231077e66a22eb36594f997ae023a0f63ed98374f8cdfd0
SHA512

f6883b98df994094088212d1124602747191387a6d8895c5ecee9365273cdd2b2092c35686cb9fdfb385fbef7e31b360d1261a0f2ea8d51aacd13867768ba0ca
SSDEEP

768:69JNiUe4cSTdXTuGd3Klc7uVVu+HiYIWlkV:6X8Ue4cKNKe/+CF9V

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  ef5d14241cf297dc32474392ed981e90_JaffaCakes118
- Size
  
  33KB
- MD5
  
  ef5d14241cf297dc32474392ed981e90
- SHA1
  
  3c803cf6bb305e478177c0ccf8f3c5a1bd76ac51
- SHA256
  
  c75b2c5118953694a231077e66a22eb36594f997ae023a0f63ed98374f8cdfd0
- SHA512
  
  f6883b98df994094088212d1124602747191387a6d8895c5ecee9365273cdd2b2092c35686cb9fdfb385fbef7e31b360d1261a0f2ea8d51aacd13867768ba0ca
- SSDEEP
  
  768:69JNiUe4cSTdXTuGd3Klc7uVVu+HiYIWlkV:6X8Ue4cKNKe/+CF9V
Score

8^/10

discovery persistence upx
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx