8de99059d800418bfdf3f4d0b086e4417c763d7678181ecb1b5fdaa899d2e2e0 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

eac995ff45...18.exe

windows7-x64

7

eac995ff45...18.exe

windows10-2004-x64

7

Sharing

General

Target

eac995ff45a4f772ec6440c3de9436da_JaffaCakes118
Size

45KB
Sample

240919-hj3l7awcpj
MD5

eac995ff45a4f772ec6440c3de9436da
SHA1

c40d3907b7a7806af03598f63e203995565ff414
SHA256

8de99059d800418bfdf3f4d0b086e4417c763d7678181ecb1b5fdaa899d2e2e0
SHA512

7da75024b0b10392ba924e8bbdf70d266ed3c7a3369f9f6ee94b5924c6e2b7b6e0aac30555fef1327122024a8813fa514f2890c3ec814898b094c0be8673bf93
SSDEEP

768:apsFxQWjsve3coUN45YjDfCj+rHbB1nLJHwcHaO/cAqiYe:T7fI2sbU2w+nB1LpwcHaYBz

Score

7^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

eac995ff45a4f772ec6440c3de9436da_JaffaCakes118.exe

Resource

win7-20240704-en

discovery persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

eac995ff45a4f772ec6440c3de9436da_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  eac995ff45a4f772ec6440c3de9436da_JaffaCakes118
- Size
  
  45KB
- MD5
  
  eac995ff45a4f772ec6440c3de9436da
- SHA1
  
  c40d3907b7a7806af03598f63e203995565ff414
- SHA256
  
  8de99059d800418bfdf3f4d0b086e4417c763d7678181ecb1b5fdaa899d2e2e0
- SHA512
  
  7da75024b0b10392ba924e8bbdf70d266ed3c7a3369f9f6ee94b5924c6e2b7b6e0aac30555fef1327122024a8813fa514f2890c3ec814898b094c0be8673bf93
- SSDEEP
  
  768:apsFxQWjsve3coUN45YjDfCj+rHbB1nLJHwcHaO/cAqiYe:T7fI2sbU2w+nB1LpwcHaYBz
Score

7^/10

discovery persistence upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

© 2018-2025

Terms | Privacy