7ea48330d25c2ad36c52af58f1e354d2134de92a0d392445e5ac891e631b675d | Triage

Submit
Reports

Overview

overview

Static

static

3

ba8b60ddd7...18.exe

windows7-x64

7

ba8b60ddd7...18.exe

windows10-2004-x64

Sharing

General

Target

ba8b60ddd7b938435c4af999fa06369f_JaffaCakes118
Size

40KB
Sample

240618-jnmbfaxgrq
MD5

ba8b60ddd7b938435c4af999fa06369f
SHA1

0673ede4a4d1c7123937f451e7c3adca609db459
SHA256

7ea48330d25c2ad36c52af58f1e354d2134de92a0d392445e5ac891e631b675d
SHA512

be9eb8b1749a9dd07b65d9919798522bda1706de2d46c3c767b05f35b8caee367f6b20a2bc3981a58b5985d6c585514f9fbf2b21cf737769041dfcc0800f6fa8
SSDEEP

768:aq9m/ZsybSg2ts4L3RLc/qjhsKmHbk1+qJ0UtHV8ZLw:aqk/Zdic/qjh8w19JDHss

Score

10^/10

microsoft persistence phishing product:outlook upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ba8b60ddd7b938435c4af999fa06369f_JaffaCakes118.exe

Resource

win7-20240508-en

persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba8b60ddd7b938435c4af999fa06369f_JaffaCakes118.exe

Resource

win10v2004-20240611-en

microsoft persistence phishing product:outlook upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ba8b60ddd7b938435c4af999fa06369f_JaffaCakes118
- Size
  
  40KB
- MD5
  
  ba8b60ddd7b938435c4af999fa06369f
- SHA1
  
  0673ede4a4d1c7123937f451e7c3adca609db459
- SHA256
  
  7ea48330d25c2ad36c52af58f1e354d2134de92a0d392445e5ac891e631b675d
- SHA512
  
  be9eb8b1749a9dd07b65d9919798522bda1706de2d46c3c767b05f35b8caee367f6b20a2bc3981a58b5985d6c585514f9fbf2b21cf737769041dfcc0800f6fa8
- SSDEEP
  
  768:aq9m/ZsybSg2ts4L3RLc/qjhsKmHbk1+qJ0UtHV8ZLw:aqk/Zdic/qjh8w19JDHss
Score

10^/10

persistence upx microsoft phishing product:outlook
- Detected microsoft outlook phishing page
  phishing microsoft product:outlook
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishingproduct:outlookupx

© 2018-2024

Terms | Privacy