6b3a71aa9a2747d8a8f4e5feaa95020b282a248dec79e0d867673756792153d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5a3b13fd2428f239ff017ca25b8a9e9_JaffaCakes118
Size

34KB
Sample

240925-ks623syhpg
MD5

f5a3b13fd2428f239ff017ca25b8a9e9
SHA1

56f6145104a44e10d4dcea8a7498c6c88de7b9a6
SHA256

6b3a71aa9a2747d8a8f4e5feaa95020b282a248dec79e0d867673756792153d3
SHA512

5849eb1ebf47f40382513becea0d36fe253e93328e0f14fdba1254d59bf872b00bb14d7120aff01c855848553c9455d1e58d15445ce955bb438cfa9044e57e18
SSDEEP

768:jJMbAWzBnwbRLTKGN3Dr+EE252dcuRphI9:lMM9T3N3DAddJvu9

Score

10^/10

discovery evasion trojan upx

Malware Config

Targets

- Target
  
  f5a3b13fd2428f239ff017ca25b8a9e9_JaffaCakes118
- Size
  
  34KB
- MD5
  
  f5a3b13fd2428f239ff017ca25b8a9e9
- SHA1
  
  56f6145104a44e10d4dcea8a7498c6c88de7b9a6
- SHA256
  
  6b3a71aa9a2747d8a8f4e5feaa95020b282a248dec79e0d867673756792153d3
- SHA512
  
  5849eb1ebf47f40382513becea0d36fe253e93328e0f14fdba1254d59bf872b00bb14d7120aff01c855848553c9455d1e58d15445ce955bb438cfa9044e57e18
- SSDEEP
  
  768:jJMbAWzBnwbRLTKGN3Dr+EE252dcuRphI9:lMM9T3N3DAddJvu9
Score

10^/10

discovery evasion trojan upx
- Modifies firewall policy service
  evasion
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Create or Modify System Process

Windows Service

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify System Firewall

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojanupx

behavioral2

discoveryevasiontrojanupx