8d9f11ff135b108d6e33e5e82bcf004882dff3adcce72121994638772e9a7fbd | Triage

Submit
Reports

Overview

overview

7

Static

static

7

1b1f658ad8...18.exe

windows7-x64

7

1b1f658ad8...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

1b1f658ad8f88cef643502ce7939b2d1_JaffaCakes118
Size

28KB
Sample

240701-nlhyfsygkc
MD5

1b1f658ad8f88cef643502ce7939b2d1
SHA1

95853ff9e9e836daf0be5b93bc121f523751d33c
SHA256

8d9f11ff135b108d6e33e5e82bcf004882dff3adcce72121994638772e9a7fbd
SHA512

16f108bae11dd96ae9ad43cf94a8cb2f5e4ac44adca9941e3f8e185de164f3c06f62e8f89e9d8426a7e990477425d5484521a4aeebf8ad0e52e39a865f5fb3b9
SSDEEP

768:1V+zQi6uTa+TS8Ejs9ddjXydQqbMmfwr:uUb+u8Eg9vjXydQFp

Score

7^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1b1f658ad8f88cef643502ce7939b2d1_JaffaCakes118.exe

Resource

win7-20240611-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b1f658ad8f88cef643502ce7939b2d1_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b1f658ad8f88cef643502ce7939b2d1_JaffaCakes118
- Size
  
  28KB
- MD5
  
  1b1f658ad8f88cef643502ce7939b2d1
- SHA1
  
  95853ff9e9e836daf0be5b93bc121f523751d33c
- SHA256
  
  8d9f11ff135b108d6e33e5e82bcf004882dff3adcce72121994638772e9a7fbd
- SHA512
  
  16f108bae11dd96ae9ad43cf94a8cb2f5e4ac44adca9941e3f8e185de164f3c06f62e8f89e9d8426a7e990477425d5484521a4aeebf8ad0e52e39a865f5fb3b9
- SSDEEP
  
  768:1V+zQi6uTa+TS8Ejs9ddjXydQqbMmfwr:uUb+u8Eg9vjXydQFp
Score

7^/10

upx
- Deletes itself
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy