18f659265241559e036c00653d129c4341bc12f1f6993fdd78afa8742c87b233 | Triage

Submit
Reports

Overview

overview

Static

static

7

ed57e5e938...18.exe

windows7-x64

ed57e5e938...18.exe

windows10-2004-x64

Sharing

General

Target

ed57e5e938f16e6a04d4e482498fc303_JaffaCakes118
Size

136KB
Sample

240920-lx49qa1bpn
MD5

ed57e5e938f16e6a04d4e482498fc303
SHA1

222295930f82ffc28552a5aca3d536e40038d07e
SHA256

18f659265241559e036c00653d129c4341bc12f1f6993fdd78afa8742c87b233
SHA512

a5890c925f7d1ff3e848d2c0047ff713d101a8c791c73df2e496af58713de45af2392600f75c04a3965b23e5a95320f46be740696582692b5798f19127851209
SSDEEP

1536:AcZL7wYRgRmOzpAdUBV4NF4Lbj1vYfZahU2cPlTx7EYa9YbeG91dPilum:AG7wUgoOzpXKKLefZahU2ax7ERutTm

Score

10^/10

discovery evasion execution persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ed57e5e938f16e6a04d4e482498fc303_JaffaCakes118.exe

Resource

win7-20240903-en

discovery evasion execution persistence upx

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ed57e5e938f16e6a04d4e482498fc303_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion execution persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  ed57e5e938f16e6a04d4e482498fc303_JaffaCakes118
- Size
  
  136KB
- MD5
  
  ed57e5e938f16e6a04d4e482498fc303
- SHA1
  
  222295930f82ffc28552a5aca3d536e40038d07e
- SHA256
  
  18f659265241559e036c00653d129c4341bc12f1f6993fdd78afa8742c87b233
- SHA512
  
  a5890c925f7d1ff3e848d2c0047ff713d101a8c791c73df2e496af58713de45af2392600f75c04a3965b23e5a95320f46be740696582692b5798f19127851209
- SSDEEP
  
  1536:AcZL7wYRgRmOzpAdUBV4NF4Lbj1vYfZahU2cPlTx7EYa9YbeG91dPilum:AG7wUgoOzpXKKLefZahU2ax7ERutTm
Score

10^/10

discovery evasion execution persistence upx
- Disables service(s)
  evasion execution
- Adds policy Run key to start application
  persistence
- Drops file in Drivers directory
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionpersistenceupx

behavioral2

discoveryevasionexecutionpersistenceupx

© 2018-2025

Terms | Privacy