64f9c7790b4037e55a35d775e2f25a94bd09f0b245d73af08dcd1f606159996a | Triage

Submit
Reports

Overview

overview

7

Static

static

3

bd3cb1eb94...18.exe

windows7-x64

7

bd3cb1eb94...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

bd3cb1eb94f951fc5c56967c8c0eea86_JaffaCakes118
Size

57KB
Sample

240823-1ekvpazfll
MD5

bd3cb1eb94f951fc5c56967c8c0eea86
SHA1

a9b5f3c167d78287918d247ce743b73af5a84783
SHA256

64f9c7790b4037e55a35d775e2f25a94bd09f0b245d73af08dcd1f606159996a
SHA512

285c5f1a1d2828dc78a3e6609fa92f57e552959df514003222324224cf6aa5f90bb45452aa6ee8419a71505b43f1546904aa945f08eae29b392bb15118e40405
SSDEEP

768:ryESznCIdH45oA0PnE6KPP2kUWZZN+wK3bZWjr9nID9RDYP54kNJa6KPQBia++Rs:bSznCIK5oAuKP80NyEjxIhGP5+6q+Ds

Score

7^/10

adware discovery stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bd3cb1eb94f951fc5c56967c8c0eea86_JaffaCakes118.exe

Resource

win7-20240704-en

adware discovery stealer upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd3cb1eb94f951fc5c56967c8c0eea86_JaffaCakes118.exe

Resource

win10v2004-20240802-en

adware discovery stealer upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  bd3cb1eb94f951fc5c56967c8c0eea86_JaffaCakes118
- Size
  
  57KB
- MD5
  
  bd3cb1eb94f951fc5c56967c8c0eea86
- SHA1
  
  a9b5f3c167d78287918d247ce743b73af5a84783
- SHA256
  
  64f9c7790b4037e55a35d775e2f25a94bd09f0b245d73af08dcd1f606159996a
- SHA512
  
  285c5f1a1d2828dc78a3e6609fa92f57e552959df514003222324224cf6aa5f90bb45452aa6ee8419a71505b43f1546904aa945f08eae29b392bb15118e40405
- SSDEEP
  
  768:ryESznCIdH45oA0PnE6KPP2kUWZZN+wK3bZWjr9nID9RDYP54kNJa6KPQBia++Rs:bSznCIK5oAuKP80NyEjxIhGP5+6q+Ds
Score

7^/10

adware discovery stealer upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealerupx

behavioral2

adwarediscoverystealerupx

© 2018-2025

Terms | Privacy