aa70355f11f9f664622e748f275c07284563615035c86e2bbb04b3fd0272e1a3 | Triage

Submit
Reports

Overview

overview

Static

static

7

1962680e2d...18.exe

windows7-x64

1962680e2d...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

1962680e2dfd42255cda62968d20614b_JaffaCakes118
Size

672KB
Sample

240628-jyaemayfpd
MD5

1962680e2dfd42255cda62968d20614b
SHA1

43f8c6e61e704793f02189bc355a3aaf6eae1812
SHA256

aa70355f11f9f664622e748f275c07284563615035c86e2bbb04b3fd0272e1a3
SHA512

a15a677ac3a90a6f12fc7a2dd3ec0a17121f8f3427ff325df77dedced3fa7006e695d36a4baa4619b311019613ae56be0b5806371a743ff1ade6e445d5672342
SSDEEP

6144:IuIL4XOrbL8uutpsPHhhtQDdINgP2iMjz5qBHswNet42Y1dWlpkD5FaIA:I7lr07/s/hhtudFWJIHZNeyf1dW8D

Score

10^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1962680e2dfd42255cda62968d20614b_JaffaCakes118.exe

Resource

win7-20240611-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1962680e2dfd42255cda62968d20614b_JaffaCakes118.exe

Resource

win10v2004-20240508-en

persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1962680e2dfd42255cda62968d20614b_JaffaCakes118
- Size
  
  672KB
- MD5
  
  1962680e2dfd42255cda62968d20614b
- SHA1
  
  43f8c6e61e704793f02189bc355a3aaf6eae1812
- SHA256
  
  aa70355f11f9f664622e748f275c07284563615035c86e2bbb04b3fd0272e1a3
- SHA512
  
  a15a677ac3a90a6f12fc7a2dd3ec0a17121f8f3427ff325df77dedced3fa7006e695d36a4baa4619b311019613ae56be0b5806371a743ff1ade6e445d5672342
- SSDEEP
  
  6144:IuIL4XOrbL8uutpsPHhhtQDdINgP2iMjz5qBHswNet42Y1dWlpkD5FaIA:I7lr07/s/hhtudFWJIHZNeyf1dW8D
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy