59e67d69feafe243f46aac9af5d0f71c24a820f4beee9f88b35d075f970b72d2 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

1ba862a3e5...18.exe

windows7-x64

9

1ba862a3e5...18.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

1ba862a3e5231b648e57cde1e41314f7_JaffaCakes118
Size

554KB
Sample

240701-rv1fmszgnq
MD5

1ba862a3e5231b648e57cde1e41314f7
SHA1

cdee69a2f8ab051f0c89fe104fb11ff149187ffc
SHA256

59e67d69feafe243f46aac9af5d0f71c24a820f4beee9f88b35d075f970b72d2
SHA512

5862ad634a02e9a2d69eb98ebb3231b1d0a6da1c8d2fb2c0ffb4916185a4854aa40dc37d5ba9f04f8b4412259425396aeaba9c28cfbb13e12827b809dc66cc48
SSDEEP

6144:CDmM8/wrKP/X8y+DblCoX9504Zbcj9IrQLpuRTtynkm58BPDi+GR3agg2RTg2hYd:C7mwrVCy9ztm9IELoTtAOi+Mg28m/Av

Score

9^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1ba862a3e5231b648e57cde1e41314f7_JaffaCakes118.exe

Resource

win7-20240611-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1ba862a3e5231b648e57cde1e41314f7_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1ba862a3e5231b648e57cde1e41314f7_JaffaCakes118
- Size
  
  554KB
- MD5
  
  1ba862a3e5231b648e57cde1e41314f7
- SHA1
  
  cdee69a2f8ab051f0c89fe104fb11ff149187ffc
- SHA256
  
  59e67d69feafe243f46aac9af5d0f71c24a820f4beee9f88b35d075f970b72d2
- SHA512
  
  5862ad634a02e9a2d69eb98ebb3231b1d0a6da1c8d2fb2c0ffb4916185a4854aa40dc37d5ba9f04f8b4412259425396aeaba9c28cfbb13e12827b809dc66cc48
- SSDEEP
  
  6144:CDmM8/wrKP/X8y+DblCoX9504Zbcj9IrQLpuRTtynkm58BPDi+GR3agg2RTg2hYd:C7mwrVCy9ztm9IELoTtAOi+Mg28m/Av
Score

9^/10

evasion upx
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy