f1307cbf493963b94a1b4c084de1f2cd6f3a647950facbae8c02b37d457c4e77 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

ef111d2c52...18.exe

windows7-x64

7

ef111d2c52...18.exe

windows10-2004-x64

7

Sharing

General

Target

ef111d2c52ab18ff644381a1a1390d0c_JaffaCakes118
Size

1.0MB
Sample

240921-e3p9esvepe
MD5

ef111d2c52ab18ff644381a1a1390d0c
SHA1

43090366a00fc6265277c131cd0d22c66e7b5fe7
SHA256

f1307cbf493963b94a1b4c084de1f2cd6f3a647950facbae8c02b37d457c4e77
SHA512

66101af72f29cafaa37d3c8f8eaa9acc4b237fd0b0414785dffd816ad9252d17e906dab4802ae78d52c83dab3958544d413a22194392fb65687e410508723120
SSDEEP

24576:yD3euKmLCkWZSbcHTrlQzSraIKu78ThO3pEUaUTV4s:E3+pFnHXLaI8KaUT

Score

7^/10

discovery upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ef111d2c52ab18ff644381a1a1390d0c_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef111d2c52ab18ff644381a1a1390d0c_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef111d2c52ab18ff644381a1a1390d0c_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  ef111d2c52ab18ff644381a1a1390d0c
- SHA1
  
  43090366a00fc6265277c131cd0d22c66e7b5fe7
- SHA256
  
  f1307cbf493963b94a1b4c084de1f2cd6f3a647950facbae8c02b37d457c4e77
- SHA512
  
  66101af72f29cafaa37d3c8f8eaa9acc4b237fd0b0414785dffd816ad9252d17e906dab4802ae78d52c83dab3958544d413a22194392fb65687e410508723120
- SSDEEP
  
  24576:yD3euKmLCkWZSbcHTrlQzSraIKu78ThO3pEUaUTV4s:E3+pFnHXLaI8KaUT
Score

7^/10

discovery upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy