9d302f7fc64fa4045410bd4165ddec82229af72db4fd551b3e886982cd93377b | Triage

Sharing

General

Target

05ecdf399523f3bd6bafcb1bc587cfcd_JaffaCakes118
Size

139KB
Sample

241001-qbmj1avcqh
MD5

05ecdf399523f3bd6bafcb1bc587cfcd
SHA1

a7af9797aeb2a8fa5ef34ca36728bdb0a291c626
SHA256

9d302f7fc64fa4045410bd4165ddec82229af72db4fd551b3e886982cd93377b
SHA512

dda05cdddc95a1d8bbbb7b396a85a62edf323231580dd61560b7444d0d7875ec3bf9a521ce465b5db5262f203feb8d21860fe494657f1a8a6c51a16891e368bc
SSDEEP

3072:Ye8jMCjM/keGyMYaKW6Y307R116ouVecMdlT0/m3:YftIPaN33GP16oBxt

Score

6^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  05ecdf399523f3bd6bafcb1bc587cfcd_JaffaCakes118
- Size
  
  139KB
- MD5
  
  05ecdf399523f3bd6bafcb1bc587cfcd
- SHA1
  
  a7af9797aeb2a8fa5ef34ca36728bdb0a291c626
- SHA256
  
  9d302f7fc64fa4045410bd4165ddec82229af72db4fd551b3e886982cd93377b
- SHA512
  
  dda05cdddc95a1d8bbbb7b396a85a62edf323231580dd61560b7444d0d7875ec3bf9a521ce465b5db5262f203feb8d21860fe494657f1a8a6c51a16891e368bc
- SSDEEP
  
  3072:Ye8jMCjM/keGyMYaKW6Y307R116ouVecMdlT0/m3:YftIPaN33GP16oBxt
Score

6^/10

discovery persistence upx
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx