599e4add63e03108593066e5b7615f66452d17484e6aa887a7cb58295ab1be0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

016a9799420715aaec3f0ad7dc77406b_JaffaCakes118
Size

5KB
Sample

240930-p3ccnswdpm
MD5

016a9799420715aaec3f0ad7dc77406b
SHA1

218a427729693db30116ee51c88fe3855d77530f
SHA256

599e4add63e03108593066e5b7615f66452d17484e6aa887a7cb58295ab1be0d
SHA512

4be8561e90ce0b4ac3feba3eaa0746f9821b97433f3abbc1183b2f1c4dacf2b9b3deeb758e3013ac14683685b8db5a56e508e101875d82a206fe79d44530c7d4
SSDEEP

96:3cgqIU4pMz1TwTwVdo7tuWFtZGN/IUTn0NUmzf7YINDtz:j+7OTw7oZuWxC/9b0N77YINDtz

Score

8^/10

discovery evasion persistence privilege_escalation upx

Malware Config

Targets

- Target
  
  016a9799420715aaec3f0ad7dc77406b_JaffaCakes118
- Size
  
  5KB
- MD5
  
  016a9799420715aaec3f0ad7dc77406b
- SHA1
  
  218a427729693db30116ee51c88fe3855d77530f
- SHA256
  
  599e4add63e03108593066e5b7615f66452d17484e6aa887a7cb58295ab1be0d
- SHA512
  
  4be8561e90ce0b4ac3feba3eaa0746f9821b97433f3abbc1183b2f1c4dacf2b9b3deeb758e3013ac14683685b8db5a56e508e101875d82a206fe79d44530c7d4
- SSDEEP
  
  96:3cgqIU4pMz1TwTwVdo7tuWFtZGN/IUTn0NUmzf7YINDtz:j+7OTw7oZuWxC/9b0N77YINDtz
Score

8^/10

discovery upx evasion persistence privilege_escalation
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionpersistenceprivilege_escalationupx