ddaa9f1e4d09add675e24eccf39deebc727aa9f45694ddef12aebe7b13ccd8ef | Triage

Submit
Reports

Overview

overview

7

Static

static

3

eabd019ce7...18.exe

windows7-x64

7

eabd019ce7...18.exe

windows10-2004-x64

7

Sharing

General

Target

eabd019ce78357ace1d2316a36397054_JaffaCakes118
Size

42KB
Sample

240919-gyw8aavdkk
MD5

eabd019ce78357ace1d2316a36397054
SHA1

89c13864ae5f6fcc6d44149fa91affda7a97c45a
SHA256

ddaa9f1e4d09add675e24eccf39deebc727aa9f45694ddef12aebe7b13ccd8ef
SHA512

6d3d99b1a7fca1f5ad5c11ec9982d8af8a86ee1cef00c80bd6134ac3ef0b2014ac3a0e32b4587ab2592860a2f4950ac938c032fd6d7587c8b7c689c69b2ca871
SSDEEP

768:NzdmXnsMXl5H0j84tsKTidJb8nMLGypq/W2fHv8hUkKDukCul3hcpJZPYJoE0k:NoXEj86sKs8nMXq/pfBkKDudQmp2

Score

7^/10

defense_evasion discovery persistence privilege_escalation upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

eabd019ce78357ace1d2316a36397054_JaffaCakes118.exe

Resource

win7-20240903-en

defense_evasion discovery persistence privilege_escalation upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

eabd019ce78357ace1d2316a36397054_JaffaCakes118.exe

Resource

win10v2004-20240802-en

defense_evasion discovery persistence privilege_escalation upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  eabd019ce78357ace1d2316a36397054_JaffaCakes118
- Size
  
  42KB
- MD5
  
  eabd019ce78357ace1d2316a36397054
- SHA1
  
  89c13864ae5f6fcc6d44149fa91affda7a97c45a
- SHA256
  
  ddaa9f1e4d09add675e24eccf39deebc727aa9f45694ddef12aebe7b13ccd8ef
- SHA512
  
  6d3d99b1a7fca1f5ad5c11ec9982d8af8a86ee1cef00c80bd6134ac3ef0b2014ac3a0e32b4587ab2592860a2f4950ac938c032fd6d7587c8b7c689c69b2ca871
- SSDEEP
  
  768:NzdmXnsMXl5H0j84tsKTidJb8nMLGypq/W2fHv8hUkKDukCul3hcpJZPYJoE0k:NoXEj86sKs8nMXq/pfBkKDudQmp2
Score

7^/10

defense_evasion discovery persistence privilege_escalation upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Access Token Manipulation

Create Process with Token

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Access Token Manipulation

Create Process with Token

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceprivilege_escalationupx

behavioral2

defense_evasiondiscoverypersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy