36dbb5e353ba47a7398ea10ecec0e4ece6f2427177f6b65c5f91540e3305df7c | Triage

Submit
Reports

Overview

overview

Static

static

7

1b4d39edd5...18.exe

windows7-x64

1b4d39edd5...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

1b4d39edd5a219a34c5931dd45503af6_JaffaCakes118
Size

38KB
Sample

240701-pnc1navenj
MD5

1b4d39edd5a219a34c5931dd45503af6
SHA1

b52188ade34de59cc8e95e970b54612ae4db40df
SHA256

36dbb5e353ba47a7398ea10ecec0e4ece6f2427177f6b65c5f91540e3305df7c
SHA512

9a4fdbfc18a5e3d0c286372409594f695de729533640926158ce281f8fc7e87e652fc2373c97c4d9a7c1865d992e9d43cc81eac76bb13d179f87e3d5e180a086
SSDEEP

768:pwVrZO8K0vagHUX/nyL6pgbCn84yuRxzaUE9cK1IkQYp:pwtZOaHHE0Cn84yiJLEuqIkQYp

Score

10^/10

evasion execution persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1b4d39edd5a219a34c5931dd45503af6_JaffaCakes118.exe

Resource

win7-20240611-en

evasion execution persistence trojan upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b4d39edd5a219a34c5931dd45503af6_JaffaCakes118.exe

Resource

win10v2004-20240508-en

evasion execution persistence trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b4d39edd5a219a34c5931dd45503af6_JaffaCakes118
- Size
  
  38KB
- MD5
  
  1b4d39edd5a219a34c5931dd45503af6
- SHA1
  
  b52188ade34de59cc8e95e970b54612ae4db40df
- SHA256
  
  36dbb5e353ba47a7398ea10ecec0e4ece6f2427177f6b65c5f91540e3305df7c
- SHA512
  
  9a4fdbfc18a5e3d0c286372409594f695de729533640926158ce281f8fc7e87e652fc2373c97c4d9a7c1865d992e9d43cc81eac76bb13d179f87e3d5e180a086
- SSDEEP
  
  768:pwVrZO8K0vagHUX/nyL6pgbCn84yuRxzaUE9cK1IkQYp:pwtZOaHHE0Cn84yiJLEuqIkQYp
Score

10^/10

evasion execution persistence trojan upx
- Disables service(s)
  evasion execution
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionexecutionpersistencetrojanupx

behavioral2

evasionexecutionpersistencetrojanupx

© 2018-2025

Terms | Privacy