2540b7f5d2da787db3ff20748af69dc31c92f1f12b2e07972e0d7cb5714a281c | Triage

Submit
Reports

Overview

overview

8

Static

static

7

b7df00eebc...18.exe

windows7-x64

8

b7df00eebc...18.exe

windows10-2004-x64

8

Sharing

General

Target

b7df00eebc9dc3d1478b4dc8e2cca4c0_JaffaCakes118
Size

642KB
Sample

240822-q2wwcszepd
MD5

b7df00eebc9dc3d1478b4dc8e2cca4c0
SHA1

77d591188a21b46586ff1cccaa5c61d333baf465
SHA256

2540b7f5d2da787db3ff20748af69dc31c92f1f12b2e07972e0d7cb5714a281c
SHA512

b4622b900075cae149f61b7663cb94e71404e9f4f586e629f70c1d1f29b403a11f7194a97f9bfafdab18a3f1101ca21fac475415fc35c456afbe16e67b824bac
SSDEEP

12288:FuwanY/SgkMc6OkgHHdwoy91jL4Q2vT19g8TLSr29wEK5D7u+:hWYdOta7IQh8TLR9AP

Score

8^/10

aspackv2 discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b7df00eebc9dc3d1478b4dc8e2cca4c0_JaffaCakes118.exe

Resource

win7-20240704-en

aspackv2 discovery persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7df00eebc9dc3d1478b4dc8e2cca4c0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

aspackv2 discovery persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  b7df00eebc9dc3d1478b4dc8e2cca4c0_JaffaCakes118
- Size
  
  642KB
- MD5
  
  b7df00eebc9dc3d1478b4dc8e2cca4c0
- SHA1
  
  77d591188a21b46586ff1cccaa5c61d333baf465
- SHA256
  
  2540b7f5d2da787db3ff20748af69dc31c92f1f12b2e07972e0d7cb5714a281c
- SHA512
  
  b4622b900075cae149f61b7663cb94e71404e9f4f586e629f70c1d1f29b403a11f7194a97f9bfafdab18a3f1101ca21fac475415fc35c456afbe16e67b824bac
- SSDEEP
  
  12288:FuwanY/SgkMc6OkgHHdwoy91jL4Q2vT19g8TLSr29wEK5D7u+:hWYdOta7IQh8TLR9AP
Score

8^/10

aspackv2 discovery persistence upx
- Server Software Component: Terminal Services DLL
  persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistenceupx

behavioral2

aspackv2discoverypersistenceupx

© 2018-2025

Terms | Privacy