b4acb63f78b9d302bd4913570a4e9db336705cb743f8ea36120af1d18782b7cd | Triage

Submit
Reports

Overview

overview

7

Static

static

7

693ac8eeab...18.exe

windows7-x64

7

693ac8eeab...18.exe

windows10-2004-x64

7

Sharing

General

Target

693ac8eeabf48fc99883927b158153aa_JaffaCakes118
Size

4.7MB
Sample

240523-beh9esga23
MD5

693ac8eeabf48fc99883927b158153aa
SHA1

885ea12da101c3d9a7e49df83d9e0131c756cc96
SHA256

b4acb63f78b9d302bd4913570a4e9db336705cb743f8ea36120af1d18782b7cd
SHA512

3830f21dd858f8c36682fa4e733e71192e6819bfb636b4c5c0385813873aefd1722616ef1bc62607cbd876426561ac2f847bd88b4695811d138a8e128a8f4e96
SSDEEP

98304:Tl88udp4A2evUNGnVuUwGLVWy0/OQmjmUah6rpHD9:yzDiNyiXfGDvz

Score

7^/10

discovery upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

693ac8eeabf48fc99883927b158153aa_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

693ac8eeabf48fc99883927b158153aa_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  693ac8eeabf48fc99883927b158153aa_JaffaCakes118
- Size
  
  4.7MB
- MD5
  
  693ac8eeabf48fc99883927b158153aa
- SHA1
  
  885ea12da101c3d9a7e49df83d9e0131c756cc96
- SHA256
  
  b4acb63f78b9d302bd4913570a4e9db336705cb743f8ea36120af1d18782b7cd
- SHA512
  
  3830f21dd858f8c36682fa4e733e71192e6819bfb636b4c5c0385813873aefd1722616ef1bc62607cbd876426561ac2f847bd88b4695811d138a8e128a8f4e96
- SSDEEP
  
  98304:Tl88udp4A2evUNGnVuUwGLVWy0/OQmjmUah6rpHD9:yzDiNyiXfGDvz
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy