5fab60054f9fd73f113a816551baa5a7965cb1bbc171c22b2e80a5067910c857 | Triage

Sharing

General

Target

175011926a34677f74c07dfd49603fad_JaffaCakes118
Size

51KB
Sample

241005-mhax1azdlr
MD5

175011926a34677f74c07dfd49603fad
SHA1

fdd3323d483755ca7ec46f6dca3b3309dd010eda
SHA256

5fab60054f9fd73f113a816551baa5a7965cb1bbc171c22b2e80a5067910c857
SHA512

55de5b046a55ab1c00201267d993f9810c3bd6cc07846fd6aaf305a81553091301ef32435ea4eedb9129a11d249b3e9287788e405ec9d3838ad7cac06c5b618d
SSDEEP

1536:uOAGytMCQFZ69coh7y2hbUo999n95CTcJCV:upGBpcy+9R9QM

Score

8^/10

discovery evasion persistence upx

Malware Config

Targets

- Target
  
  175011926a34677f74c07dfd49603fad_JaffaCakes118
- Size
  
  51KB
- MD5
  
  175011926a34677f74c07dfd49603fad
- SHA1
  
  fdd3323d483755ca7ec46f6dca3b3309dd010eda
- SHA256
  
  5fab60054f9fd73f113a816551baa5a7965cb1bbc171c22b2e80a5067910c857
- SHA512
  
  55de5b046a55ab1c00201267d993f9810c3bd6cc07846fd6aaf305a81553091301ef32435ea4eedb9129a11d249b3e9287788e405ec9d3838ad7cac06c5b618d
- SSDEEP
  
  1536:uOAGytMCQFZ69coh7y2hbUo999n95CTcJCV:upGBpcy+9R9QM
Score

8^/10

discovery evasion persistence upx
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceupx

behavioral2

discoveryevasionpersistenceupx