4968589501bf18935b4b6536d42192595131e997e1da031958ff199e2bdda1d0 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

3eafed9d8f...18.exe

windows7-x64

8

3eafed9d8f...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

3eafed9d8fa5b65425dd61a03d893769_JaffaCakes118
Size

136KB
Sample

240712-yq66yszgrb
MD5

3eafed9d8fa5b65425dd61a03d893769
SHA1

38425d40bfc333f4cfa71e639576bf6f4175c924
SHA256

4968589501bf18935b4b6536d42192595131e997e1da031958ff199e2bdda1d0
SHA512

465aff064853f97016628e2dd39e17873616466d338d1de22e0a17ac1eb1e159d74c8ac74dda5b3d1eaed19e593ab5f51a771fa61cf398c9c2c3e0bcda16dd37
SSDEEP

3072:dc1OW8a11OTGW8kTPeZIrBXlMhsQnA95o4lKbDC23p5:XW8a11I8kTPCuX+xu5o4lK/9p

Score

8^/10

persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3eafed9d8fa5b65425dd61a03d893769_JaffaCakes118.exe

Resource

win7-20240708-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

3eafed9d8fa5b65425dd61a03d893769_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  3eafed9d8fa5b65425dd61a03d893769_JaffaCakes118
- Size
  
  136KB
- MD5
  
  3eafed9d8fa5b65425dd61a03d893769
- SHA1
  
  38425d40bfc333f4cfa71e639576bf6f4175c924
- SHA256
  
  4968589501bf18935b4b6536d42192595131e997e1da031958ff199e2bdda1d0
- SHA512
  
  465aff064853f97016628e2dd39e17873616466d338d1de22e0a17ac1eb1e159d74c8ac74dda5b3d1eaed19e593ab5f51a771fa61cf398c9c2c3e0bcda16dd37
- SSDEEP
  
  3072:dc1OW8a11OTGW8kTPeZIrBXlMhsQnA95o4lKbDC23p5:XW8a11I8kTPCuX+xu5o4lK/9p
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy