df65c511a8ec029f2f52b92ded4078962bb4f294bd65b495fcc8d65b26fa5522 | Triage

Submit
Reports

Overview

overview

Static

static

7

bd2f0c9246...18.exe

windows7-x64

bd2f0c9246...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

bd2f0c92465292c8eb49dccf0c26eeb9_JaffaCakes118
Size

75KB
Sample

240823-z3qv6sygmn
MD5

bd2f0c92465292c8eb49dccf0c26eeb9
SHA1

7e94f44fec308818c116d8920a607067f74d4c51
SHA256

df65c511a8ec029f2f52b92ded4078962bb4f294bd65b495fcc8d65b26fa5522
SHA512

6a80a40c03ee814a26b8a9f083587727278737d589df7f5634b0c4839c9adf96fb822dca755eec58309444ef76812a6a11f98568ba640f051a9b14831bf87036
SSDEEP

1536:rADZWlNkY/NAfAb42LhbgREl1ZuvORrbcqfYsOHrdQjg:rA1WlVCRo1AWijt

Score

10^/10

discovery evasion persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

bd2f0c92465292c8eb49dccf0c26eeb9_JaffaCakes118.exe

Resource

win7-20240729-en

discovery evasion persistence upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd2f0c92465292c8eb49dccf0c26eeb9_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion persistence upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  bd2f0c92465292c8eb49dccf0c26eeb9_JaffaCakes118
- Size
  
  75KB
- MD5
  
  bd2f0c92465292c8eb49dccf0c26eeb9
- SHA1
  
  7e94f44fec308818c116d8920a607067f74d4c51
- SHA256
  
  df65c511a8ec029f2f52b92ded4078962bb4f294bd65b495fcc8d65b26fa5522
- SHA512
  
  6a80a40c03ee814a26b8a9f083587727278737d589df7f5634b0c4839c9adf96fb822dca755eec58309444ef76812a6a11f98568ba640f051a9b14831bf87036
- SSDEEP
  
  1536:rADZWlNkY/NAfAb42LhbgREl1ZuvORrbcqfYsOHrdQjg:rA1WlVCRo1AWijt
Score

10^/10

discovery evasion persistence upx
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Change Default File Association

Image File Execution Options Injection

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceupx

behavioral2

discoveryevasionpersistenceupx

© 2018-2025

Terms | Privacy