da8d76123a9c20471caeacaf002a0e011543bed3eeec3558402b1913214dd004 | Triage

Submit
Reports

Overview

overview

Static

static

7

f94e9b88f4...18.dll

windows7-x64

f94e9b88f4...18.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

f94e9b88f4fb5af3bc71803b8e258f6e_JaffaCakes118
Size

23KB
Sample

240419-czvzdsec74
MD5

f94e9b88f4fb5af3bc71803b8e258f6e
SHA1

3d2d5d8f3c29272aa18bacbfbd93c9f6098903fd
SHA256

da8d76123a9c20471caeacaf002a0e011543bed3eeec3558402b1913214dd004
SHA512

bce3caac8905871fd0026c3c1d5d765546dca465390eca022227fbc2cd4639f9bd697f9fdcf22e4f67530232db2aa9cbbdc116031decc434c435396a3268a99b
SSDEEP

384:C4d0hJc1txpxacog/Zug3Y66Ud8Qdyv56jQYv0Innx6ir/ukkd0EGJlC:C4d0hIx75Zug3mUOQdyRnYsE6i7ukINY

Score

10^/10

adware evasion stealer upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f94e9b88f4fb5af3bc71803b8e258f6e_JaffaCakes118.dll

Resource

win7-20240221-en

adware evasion stealer upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

f94e9b88f4fb5af3bc71803b8e258f6e_JaffaCakes118.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  f94e9b88f4fb5af3bc71803b8e258f6e_JaffaCakes118
- Size
  
  23KB
- MD5
  
  f94e9b88f4fb5af3bc71803b8e258f6e
- SHA1
  
  3d2d5d8f3c29272aa18bacbfbd93c9f6098903fd
- SHA256
  
  da8d76123a9c20471caeacaf002a0e011543bed3eeec3558402b1913214dd004
- SHA512
  
  bce3caac8905871fd0026c3c1d5d765546dca465390eca022227fbc2cd4639f9bd697f9fdcf22e4f67530232db2aa9cbbdc116031decc434c435396a3268a99b
- SSDEEP
  
  384:C4d0hJc1txpxacog/Zug3Y66Ud8Qdyv56jQYv0Innx6ir/ukkd0EGJlC:C4d0hIx75Zug3mUOQdyRnYsE6i7ukINY
Score

10^/10

adware evasion stealer upx
- Modifies firewall policy service
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionstealerupx

behavioral2

© 2018-2025

Terms | Privacy