0da70db56f823d337f24e5c379eb66491ae85400b1acbff5c78d5530e7eb45ca | Triage

Submit
Reports

Overview

overview

8

Static

static

7

d359809395...18.exe

windows7-x64

8

d359809395...18.exe

windows10-2004-x64

8

Sharing

General

Target

d359809395d3d66532ebe53104a6547e_JaffaCakes118
Size

4.8MB
Sample

240908-c7q1eazhrm
MD5

d359809395d3d66532ebe53104a6547e
SHA1

f4db3ee8814692ccc4133e69cb0b7d785e8022b3
SHA256

0da70db56f823d337f24e5c379eb66491ae85400b1acbff5c78d5530e7eb45ca
SHA512

889072a44578dcee5c743a78031c3eb6ce2e04494a9aa51b8a6215f5895e5ac219d57927bc2be5bd9ba8513f825feea2533020ce2340cb31c25119dffaaffc72
SSDEEP

49152:gt2BlAIfEA9M+w6zmEgWnJqnYlseFYEQxMxysKI4pnes8wpmQ:gt2NM+w6zmS6YlsSys9KnV8wpmQ

Score

8^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d359809395d3d66532ebe53104a6547e_JaffaCakes118.exe

Resource

win7-20240708-en

discovery persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

d359809395d3d66532ebe53104a6547e_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  d359809395d3d66532ebe53104a6547e_JaffaCakes118
- Size
  
  4.8MB
- MD5
  
  d359809395d3d66532ebe53104a6547e
- SHA1
  
  f4db3ee8814692ccc4133e69cb0b7d785e8022b3
- SHA256
  
  0da70db56f823d337f24e5c379eb66491ae85400b1acbff5c78d5530e7eb45ca
- SHA512
  
  889072a44578dcee5c743a78031c3eb6ce2e04494a9aa51b8a6215f5895e5ac219d57927bc2be5bd9ba8513f825feea2533020ce2340cb31c25119dffaaffc72
- SSDEEP
  
  49152:gt2BlAIfEA9M+w6zmEgWnJqnYlseFYEQxMxysKI4pnes8wpmQ:gt2NM+w6zmS6YlsSys9KnV8wpmQ
Score

8^/10

discovery persistence upx
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy