428652bd402f0b6294abb9c5790c78cd96c8877f845d91d59adb59ccd0cf17fe | Triage

Sharing

General

Target

02ce6e7eaef1d5de8a30397b299e708f_JaffaCakes118
Size

21KB
Sample

240930-xklsdszgjr
MD5

02ce6e7eaef1d5de8a30397b299e708f
SHA1

0bf0ce27985393814f414f7e4851df2c74c98721
SHA256

428652bd402f0b6294abb9c5790c78cd96c8877f845d91d59adb59ccd0cf17fe
SHA512

884caf288977731225721be1953996b5c8fa5518581556de9132fa2c10a34a37f832e19c9499b13f7db89a537134d1bb537f3cf1bc8b00c9c25c9754e47aa10a
SSDEEP

384:sLWCpCJ6xhNN8S0gPW2KUCphaMTaR3ItDCuV9UAvdOh+/3o:6zZtN8SVKUCpJTaItO4U6di+/

Score

8^/10

discovery evasion execution upx

Malware Config

Targets

- Target
  
  02ce6e7eaef1d5de8a30397b299e708f_JaffaCakes118
- Size
  
  21KB
- MD5
  
  02ce6e7eaef1d5de8a30397b299e708f
- SHA1
  
  0bf0ce27985393814f414f7e4851df2c74c98721
- SHA256
  
  428652bd402f0b6294abb9c5790c78cd96c8877f845d91d59adb59ccd0cf17fe
- SHA512
  
  884caf288977731225721be1953996b5c8fa5518581556de9132fa2c10a34a37f832e19c9499b13f7db89a537134d1bb537f3cf1bc8b00c9c25c9754e47aa10a
- SSDEEP
  
  384:sLWCpCJ6xhNN8S0gPW2KUCphaMTaR3ItDCuV9UAvdOh+/3o:6zZtN8SVKUCpJTaItO4U6di+/
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx