691ed0c45a8938fe644b12f1a7ed88218592625cb354baa2bb59a94c4426717a | Triage

Sharing

General

Target

JaffaCakes118_e2a0db79fb91f060c81c51e9a86e812b
Size

139KB
Sample

250120-k59zhaslcq
MD5

e2a0db79fb91f060c81c51e9a86e812b
SHA1

cc60cf05aeddcb2287bd70a9a7e344801db1461b
SHA256

691ed0c45a8938fe644b12f1a7ed88218592625cb354baa2bb59a94c4426717a
SHA512

045396ecbfe0976644bc7c79f9a30160803ea256c6ebfb2c2ad0a102b8c1916477d8a00d5811c49a5f24625e2ba9891c62e5945f33c0c7ea5b5d0f9d5f0f54d2
SSDEEP

3072:Ye8jMCjM/keGyMYaKW6Y307R116ouVecMdlT0/m:YftIPaN33GP16oBxt

Score

6^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  JaffaCakes118_e2a0db79fb91f060c81c51e9a86e812b
- Size
  
  139KB
- MD5
  
  e2a0db79fb91f060c81c51e9a86e812b
- SHA1
  
  cc60cf05aeddcb2287bd70a9a7e344801db1461b
- SHA256
  
  691ed0c45a8938fe644b12f1a7ed88218592625cb354baa2bb59a94c4426717a
- SHA512
  
  045396ecbfe0976644bc7c79f9a30160803ea256c6ebfb2c2ad0a102b8c1916477d8a00d5811c49a5f24625e2ba9891c62e5945f33c0c7ea5b5d0f9d5f0f54d2
- SSDEEP
  
  3072:Ye8jMCjM/keGyMYaKW6Y307R116ouVecMdlT0/m:YftIPaN33GP16oBxt
Score

6^/10

discovery persistence upx
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx