1ce4136768f7263ab813adc3ac8b7faa4bce6118002db58e24e1b4568310bf04 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

c27c257659...18.exe

windows7-x64

8

c27c257659...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

c27c257659ec3ad75cc9b0488ce9efd3_JaffaCakes118
Size

7.9MB
Sample

240826-hl4x2asbrl
MD5

c27c257659ec3ad75cc9b0488ce9efd3
SHA1

297d90fcc4557f4b11bb8ec55a5aa801a3408197
SHA256

1ce4136768f7263ab813adc3ac8b7faa4bce6118002db58e24e1b4568310bf04
SHA512

3c94ce172b9273f56cc78c0018193f04f7c4a9bb1379f382af56623082dc6928ad229720994be505c9dfbb2575988372e93e66feca89074f7cb080df0ed109a1
SSDEEP

49152:C7cBQLtuQatzBQLtuQVQLtuQafQWQLtuQVQLtuQagQLtuQafQWQLtbQavQLtuQaw:CBI2gHgkHEkgHEaHEkaEaHEks

Score

8^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c27c257659ec3ad75cc9b0488ce9efd3_JaffaCakes118.exe

Resource

win7-20240708-en

discovery persistence upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

c27c257659ec3ad75cc9b0488ce9efd3_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  c27c257659ec3ad75cc9b0488ce9efd3_JaffaCakes118
- Size
  
  7.9MB
- MD5
  
  c27c257659ec3ad75cc9b0488ce9efd3
- SHA1
  
  297d90fcc4557f4b11bb8ec55a5aa801a3408197
- SHA256
  
  1ce4136768f7263ab813adc3ac8b7faa4bce6118002db58e24e1b4568310bf04
- SHA512
  
  3c94ce172b9273f56cc78c0018193f04f7c4a9bb1379f382af56623082dc6928ad229720994be505c9dfbb2575988372e93e66feca89074f7cb080df0ed109a1
- SSDEEP
  
  49152:C7cBQLtuQatzBQLtuQVQLtuQafQWQLtuQVQLtuQagQLtuQafQWQLtbQavQLtuQaw:CBI2gHgkHEkgHEaHEkaEaHEks
Score

8^/10

discovery persistence upx
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy