49495a904d08de5aef39ef08d8bc65acd48f0fe15d3be68f95a72a5d59b435fa | Triage

Submit
Reports

Overview

overview

7

Static

static

3

64ef09bcde...18.exe

windows7-x64

7

64ef09bcde...18.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

64ef09bcde9d8dde6521445f39019f57_JaffaCakes118
Size

311KB
Sample

240722-1r9pks1aqq
MD5

64ef09bcde9d8dde6521445f39019f57
SHA1

d8d6c02564bee9bb83c043a406512c64ac340341
SHA256

49495a904d08de5aef39ef08d8bc65acd48f0fe15d3be68f95a72a5d59b435fa
SHA512

95ebd1a90d7b514aa57405eba42c9ca65b093a56572d26b38ec9096d926bc3c5eb19c824290577d903459575a7a1b2d0a234003018ce18b7c04f671ffa3eb7e6
SSDEEP

6144:Ud+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:Ud+uH3fGoCEW/49zwdGI4PrVAQq

Score

7^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

64ef09bcde9d8dde6521445f39019f57_JaffaCakes118.exe

Resource

win7-20240704-en

persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

64ef09bcde9d8dde6521445f39019f57_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  64ef09bcde9d8dde6521445f39019f57_JaffaCakes118
- Size
  
  311KB
- MD5
  
  64ef09bcde9d8dde6521445f39019f57
- SHA1
  
  d8d6c02564bee9bb83c043a406512c64ac340341
- SHA256
  
  49495a904d08de5aef39ef08d8bc65acd48f0fe15d3be68f95a72a5d59b435fa
- SHA512
  
  95ebd1a90d7b514aa57405eba42c9ca65b093a56572d26b38ec9096d926bc3c5eb19c824290577d903459575a7a1b2d0a234003018ce18b7c04f671ffa3eb7e6
- SSDEEP
  
  6144:Ud+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:Ud+uH3fGoCEW/49zwdGI4PrVAQq
Score

7^/10

persistence upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy