fea2457bd9e2a1c5f5492e2e4f4d32b802a0bf7909202a8ed7f8c804753d094f | Triage

Submit
Reports

Overview

overview

7

Static

static

7

42d715fcf1...18.exe

windows7-x64

7

42d715fcf1...18.exe

windows10-2004-x64

7

Sharing

General

Target

42d715fcf1e4150a6e470a742de66f8e_JaffaCakes118
Size

95KB
Sample

240713-w5bbqavane
MD5

42d715fcf1e4150a6e470a742de66f8e
SHA1

6f667f3b5d4e899f0784c4efe1e8ed9763dfc150
SHA256

fea2457bd9e2a1c5f5492e2e4f4d32b802a0bf7909202a8ed7f8c804753d094f
SHA512

4685fcf30438ed0fcdf02bc3d5d507f4d0fa0110beb797ee3f085cf8bbfb7ba9416d01eb3de3548af678116823c7e894f49a8108a4f0cde64a584347302dff02
SSDEEP

1536:rj9VU/R51ZIdJ2N5aMHHHFSRAKuOAp29HvCRMvYQpZjStnebRCAEF8sE46Yeojnv:MX4doFH4RABp29wqYoZuteNsB6lqndZ

Score

7^/10

adware evasion execution stealer trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

42d715fcf1e4150a6e470a742de66f8e_JaffaCakes118.exe

Resource

win7-20240705-en

adware evasion execution stealer trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

42d715fcf1e4150a6e470a742de66f8e_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  42d715fcf1e4150a6e470a742de66f8e_JaffaCakes118
- Size
  
  95KB
- MD5
  
  42d715fcf1e4150a6e470a742de66f8e
- SHA1
  
  6f667f3b5d4e899f0784c4efe1e8ed9763dfc150
- SHA256
  
  fea2457bd9e2a1c5f5492e2e4f4d32b802a0bf7909202a8ed7f8c804753d094f
- SHA512
  
  4685fcf30438ed0fcdf02bc3d5d507f4d0fa0110beb797ee3f085cf8bbfb7ba9416d01eb3de3548af678116823c7e894f49a8108a4f0cde64a584347302dff02
- SSDEEP
  
  1536:rj9VU/R51ZIdJ2N5aMHHHFSRAKuOAp29HvCRMvYQpZjStnebRCAEF8sE46Yeojnv:MX4doFH4RABp29wqYoZuteNsB6lqndZ
Score

7^/10

adware evasion execution stealer trojan upx
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionexecutionstealertrojanupx

behavioral2

© 2018-2025

Terms | Privacy