f0d4a3eee32300876809b9fd70c7ecfa8b1bd52ce1c93395bccd21ee74e1ce55 | Triage

Sharing

General

Target

0311a708f2608353af7b7cec4f003cd7_JaffaCakes118
Size

146KB
Sample

240930-ytlz7axamf
MD5

0311a708f2608353af7b7cec4f003cd7
SHA1

eab9a3da9c3c8675b38a799c889ffc43e63292ee
SHA256

f0d4a3eee32300876809b9fd70c7ecfa8b1bd52ce1c93395bccd21ee74e1ce55
SHA512

ba077c733b23042370cdd1f8523b66ce32ab9ae070a0c3a22279e0794b7bd18f0b9218fca3bccf087a8a88a81a39d662d4bb916b2038a861ba0876765177ea6d
SSDEEP

3072:2/YQvRJ+W4TsrNSKUeX5AUDWL9aC8+VN8rd3m9SZfIEcrzok:2juTsrNWonWL0sP9sEP

Score

6^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  0311a708f2608353af7b7cec4f003cd7_JaffaCakes118
- Size
  
  146KB
- MD5
  
  0311a708f2608353af7b7cec4f003cd7
- SHA1
  
  eab9a3da9c3c8675b38a799c889ffc43e63292ee
- SHA256
  
  f0d4a3eee32300876809b9fd70c7ecfa8b1bd52ce1c93395bccd21ee74e1ce55
- SHA512
  
  ba077c733b23042370cdd1f8523b66ce32ab9ae070a0c3a22279e0794b7bd18f0b9218fca3bccf087a8a88a81a39d662d4bb916b2038a861ba0876765177ea6d
- SSDEEP
  
  3072:2/YQvRJ+W4TsrNSKUeX5AUDWL9aC8+VN8rd3m9SZfIEcrzok:2juTsrNWonWL0sP9sEP
Score

6^/10

discovery persistence upx
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx