196cd92cab116b450c25237f0fd30d0a1096745a4cf4e60738192c460edcbaeb | Triage

Submit
Reports

Overview

overview

Static

static

3

0535dc324f...18.exe

windows7-x64

0535dc324f...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

Target

0535dc324f6b5a4b377e4848d9876fdb_JaffaCakes118
Size

361KB
Sample

240620-mpdbpsxblm
MD5

0535dc324f6b5a4b377e4848d9876fdb
SHA1

a1f3d2ae8b99f43f773f3f481bae4dca6bec4921
SHA256

196cd92cab116b450c25237f0fd30d0a1096745a4cf4e60738192c460edcbaeb
SHA512

55420f6581c83549a8b71d6d0857c428ec7b1818acb8b75282df3167db8e4c3a39c5bf2467f84d662430ef0023d54b917c1b87518b987126d748d4cf736a346f
SSDEEP

6144:FYYUIr+OXOBaU7iGYiJkaV2OFbC4XEqPTY/U1GvbYG+XtLETkzmo:FYYUZxgU7iGYiJkaC2fPTY/U8vbYj54O

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0535dc324f6b5a4b377e4848d9876fdb_JaffaCakes118.exe

Resource

win7-20240221-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0535dc324f6b5a4b377e4848d9876fdb_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  0535dc324f6b5a4b377e4848d9876fdb_JaffaCakes118
- Size
  
  361KB
- MD5
  
  0535dc324f6b5a4b377e4848d9876fdb
- SHA1
  
  a1f3d2ae8b99f43f773f3f481bae4dca6bec4921
- SHA256
  
  196cd92cab116b450c25237f0fd30d0a1096745a4cf4e60738192c460edcbaeb
- SHA512
  
  55420f6581c83549a8b71d6d0857c428ec7b1818acb8b75282df3167db8e4c3a39c5bf2467f84d662430ef0023d54b917c1b87518b987126d748d4cf736a346f
- SSDEEP
  
  6144:FYYUIr+OXOBaU7iGYiJkaV2OFbC4XEqPTY/U1GvbYG+XtLETkzmo:FYYUZxgU7iGYiJkaC2fPTY/U8vbYj54O
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy