e03d8ab413dde35119ddf1454abe9b56b624c8979435c7bc5e63e2001c02d82c | Triage

Submit
Reports

Overview

overview

Static

static

7

93fc71c7ab...18.exe

windows7-x64

93fc71c7ab...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

93fc71c7abef0a2fb2f0a618a1d18139_JaffaCakes118
Size

339KB
Sample

240813-vpvjzs1blj
MD5

93fc71c7abef0a2fb2f0a618a1d18139
SHA1

36588c85f2293993475b345fe85be8c02f6bd7f9
SHA256

e03d8ab413dde35119ddf1454abe9b56b624c8979435c7bc5e63e2001c02d82c
SHA512

9156254fe37533c7ca442e8afb3d62e19c1695ffc94b8653180f8a0e1780bf8e57b28cec8f4236da7f23501ce240c50da162fa4e45ed5e02e2098734c0ec97eb
SSDEEP

6144:zLEchZLsu1AcKKIFrMg3p/UHLEhtfwjH5fc1zdLThGniSRxixV4naNiEGoZSKaUr:0iZLn1SKIFlUHLEk75UJdcniSRxuV4aT

Score

10^/10

discovery evasion persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

93fc71c7abef0a2fb2f0a618a1d18139_JaffaCakes118.exe

Resource

win7-20240704-en

discovery evasion persistence trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

93fc71c7abef0a2fb2f0a618a1d18139_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion persistence trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  93fc71c7abef0a2fb2f0a618a1d18139_JaffaCakes118
- Size
  
  339KB
- MD5
  
  93fc71c7abef0a2fb2f0a618a1d18139
- SHA1
  
  36588c85f2293993475b345fe85be8c02f6bd7f9
- SHA256
  
  e03d8ab413dde35119ddf1454abe9b56b624c8979435c7bc5e63e2001c02d82c
- SHA512
  
  9156254fe37533c7ca442e8afb3d62e19c1695ffc94b8653180f8a0e1780bf8e57b28cec8f4236da7f23501ce240c50da162fa4e45ed5e02e2098734c0ec97eb
- SSDEEP
  
  6144:zLEchZLsu1AcKKIFrMg3p/UHLEhtfwjH5fc1zdLThGniSRxixV4naNiEGoZSKaUr:0iZLn1SKIFlUHLEk75UJdcniSRxuV4aT
Score

10^/10

discovery evasion persistence trojan upx
- Modifies firewall policy service
  evasion
- Adds policy Run key to start application
  persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojanupx

behavioral2

discoveryevasionpersistencetrojanupx

© 2018-2025

Terms | Privacy