23d75b0b40e21cd8ff0109737f6a1b895fb5e5aff2056efbcc660d66487bc3fb | Triage

Submit
Reports

Overview

overview

7

Static

static

7

748a09d76d...18.exe

windows7-x64

7

748a09d76d...18.exe

windows10-2004-x64

7

Sharing

General

Target

748a09d76d5ef5fe3d8e9780b118885f_JaffaCakes118
Size

328KB
Sample

240726-senmksvdpr
MD5

748a09d76d5ef5fe3d8e9780b118885f
SHA1

a1f382a941923941bd02c855a0b466df31f8ce4d
SHA256

23d75b0b40e21cd8ff0109737f6a1b895fb5e5aff2056efbcc660d66487bc3fb
SHA512

1ab5c34c85d7067e2a392db1e82624e59e447dbc6706f61afc0b24cd6339871ead8e00c754501ca3f351f16218525319a11b7840a9d9d0fb66dc5310c3c091ca
SSDEEP

6144:sHKtZ5bEwhKZuxrE0zUWe2K5OHzjWGN8LFhsr6nN3PGr:uMEzZE6sK5OvaxhsAf

Score

7^/10

adware discovery persistence stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

748a09d76d5ef5fe3d8e9780b118885f_JaffaCakes118.exe

Resource

win7-20240708-en

adware discovery persistence stealer upx

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

748a09d76d5ef5fe3d8e9780b118885f_JaffaCakes118.exe

Resource

win10v2004-20240709-en

adware discovery persistence stealer upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  748a09d76d5ef5fe3d8e9780b118885f_JaffaCakes118
- Size
  
  328KB
- MD5
  
  748a09d76d5ef5fe3d8e9780b118885f
- SHA1
  
  a1f382a941923941bd02c855a0b466df31f8ce4d
- SHA256
  
  23d75b0b40e21cd8ff0109737f6a1b895fb5e5aff2056efbcc660d66487bc3fb
- SHA512
  
  1ab5c34c85d7067e2a392db1e82624e59e447dbc6706f61afc0b24cd6339871ead8e00c754501ca3f351f16218525319a11b7840a9d9d0fb66dc5310c3c091ca
- SSDEEP
  
  6144:sHKtZ5bEwhKZuxrE0zUWe2K5OHzjWGN8LFhsr6nN3PGr:uMEzZE6sK5OvaxhsAf
Score

7^/10

adware discovery persistence stealer upx
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealerupx

behavioral2

adwarediscoverypersistencestealerupx

© 2018-2025

Terms | Privacy