9fbc1790000d9bbacf0741202751acd56ce986393adaeba6c6f8c8f61aa62fe0 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

39f9c4646a...18.exe

windows7-x64

8

39f9c4646a...18.exe

windows10-2004-x64

7

$TEMP/4HKMbhZs.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

39f9c4646aadcf838d55ae8e2740d4f4_JaffaCakes118
Size

102KB
Sample

240711-vedhqavhjn
MD5

39f9c4646aadcf838d55ae8e2740d4f4
SHA1

2823506139411f72f741e75ef12a68f0299614d5
SHA256

9fbc1790000d9bbacf0741202751acd56ce986393adaeba6c6f8c8f61aa62fe0
SHA512

44ac8bba1fa939f3dcc775a3280fbfd46f090d2d105a7129d4aa8534e78271dac0ad40be0f807b7392a1d24d982f76b9039c50b8a129ef2417f1d185354beb5c
SSDEEP

3072:IgXdZt9P6D3XJbCLHc7La7XTvjMq53CzFWcnL:Ie344DcXYLgqwRWcL

Score

8^/10

upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

39f9c4646aadcf838d55ae8e2740d4f4_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

39f9c4646aadcf838d55ae8e2740d4f4_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

$TEMP/4HKMbhZs.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  39f9c4646aadcf838d55ae8e2740d4f4_JaffaCakes118
- Size
  
  102KB
- MD5
  
  39f9c4646aadcf838d55ae8e2740d4f4
- SHA1
  
  2823506139411f72f741e75ef12a68f0299614d5
- SHA256
  
  9fbc1790000d9bbacf0741202751acd56ce986393adaeba6c6f8c8f61aa62fe0
- SHA512
  
  44ac8bba1fa939f3dcc775a3280fbfd46f090d2d105a7129d4aa8534e78271dac0ad40be0f807b7392a1d24d982f76b9039c50b8a129ef2417f1d185354beb5c
- SSDEEP
  
  3072:IgXdZt9P6D3XJbCLHc7La7XTvjMq53CzFWcnL:Ie344DcXYLgqwRWcL
Score

8^/10

upx
- Blocklisted process makes network request
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $TEMP/4HKMbhZs.dll
- Size
  
  71KB
- MD5
  
  f6df0c1ed00d1c1a3a2976ba832765d6
- SHA1
  
  315b1a41b0e6328543e6cd31ab114fd144aecdbb
- SHA256
  
  b38ba468cb301b7cb3db3262ebdbfc045c485a0bb2947d59461cba198900f24e
- SHA512
  
  7850224f293943a0476e2d8ce3082f93881dbbc107d482ec655ea5f1b4f73b208361fe7422e2b99c7980bc6774ead4813e43eb3e1e0cd34868817a993cab5d75
- SSDEEP
  
  1536:G/zuOVTaPTGxn4zthmkKSQV51IpX+G2xyEdZB6NLg/8:qusYKn+/mktU1RH7R/8
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2025

Terms | Privacy