f03d233f08f685bd506d4ed413c346659bc8ea0e05ed0134c869b6f304713ec4 | Triage

Submit
Reports

Overview

overview

Static

static

7

eec988d2c4...18.dll

windows7-x64

eec988d2c4...18.dll

windows10-2004-x64

Sharing

General

Target

eec988d2c45a12b5ad30e59b9dffbf62_JaffaCakes118
Size

165KB
Sample

240921-bjzf7sxhqe
MD5

eec988d2c45a12b5ad30e59b9dffbf62
SHA1

ba795744d9b9d4bb6c1dcabc19ab9a23d79257c3
SHA256

f03d233f08f685bd506d4ed413c346659bc8ea0e05ed0134c869b6f304713ec4
SHA512

ba45cfd953f8945c516b99f6e71b282b7ac15a17b6e55ab604c50a0959bef7907bc943542769a6a3563f22c811ea316c065b740fd2c4a367af9dec53526aeee3
SSDEEP

3072:IfCxerVTeOpD/etpdK+78LwQSAsAILKNxC9pdMIv42FByb4Cn9UUtpz:Her7D2tpPwcCILKTCTdMIvZC93tp

Score

10^/10

discovery persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

eec988d2c45a12b5ad30e59b9dffbf62_JaffaCakes118.dll

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

eec988d2c45a12b5ad30e59b9dffbf62_JaffaCakes118.dll

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  eec988d2c45a12b5ad30e59b9dffbf62_JaffaCakes118
- Size
  
  165KB
- MD5
  
  eec988d2c45a12b5ad30e59b9dffbf62
- SHA1
  
  ba795744d9b9d4bb6c1dcabc19ab9a23d79257c3
- SHA256
  
  f03d233f08f685bd506d4ed413c346659bc8ea0e05ed0134c869b6f304713ec4
- SHA512
  
  ba45cfd953f8945c516b99f6e71b282b7ac15a17b6e55ab604c50a0959bef7907bc943542769a6a3563f22c811ea316c065b740fd2c4a367af9dec53526aeee3
- SSDEEP
  
  3072:IfCxerVTeOpD/etpdK+78LwQSAsAILKNxC9pdMIv42FByb4Cn9UUtpz:Her7D2tpPwcCILKTCTdMIvZC93tp
Score

10^/10

discovery persistence upx
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Blocklisted process makes network request
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy