b075c5f47e03a3c0dfa2fefc974f283674042ecfc5e3b2361646aea041e42594 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

ef6b9c22aa...18.dll

windows7-x64

7

ef6b9c22aa...18.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

ef6b9c22aa1630dbe3ae9ece27a42388_JaffaCakes118
Size

1.0MB
Sample

240921-kgz5dstcnl
MD5

ef6b9c22aa1630dbe3ae9ece27a42388
SHA1

fd28d2097d29ae003d3dfcfd3d6fcd431b19df22
SHA256

b075c5f47e03a3c0dfa2fefc974f283674042ecfc5e3b2361646aea041e42594
SHA512

1c4678b79bd5df66a482e7b675cc59ab47afd2504f0299780f5ba4ac4d50fcc2922810ea711e643b7840d2b2803868dbbfc7b4ec9cf45a64147dc6c0adc11da2
SSDEEP

24576:syZe4m2RBWSuBRJfAcEMtGziooofCmi8bVdbCL:sWtRANBRJfAuZ8KloW

Score

7^/10

aspackv2 discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ef6b9c22aa1630dbe3ae9ece27a42388_JaffaCakes118.dll

Resource

win7-20240708-en

aspackv2 discovery

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef6b9c22aa1630dbe3ae9ece27a42388_JaffaCakes118.dll

Resource

win10v2004-20240802-en

aspackv2 discovery

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef6b9c22aa1630dbe3ae9ece27a42388_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  ef6b9c22aa1630dbe3ae9ece27a42388
- SHA1
  
  fd28d2097d29ae003d3dfcfd3d6fcd431b19df22
- SHA256
  
  b075c5f47e03a3c0dfa2fefc974f283674042ecfc5e3b2361646aea041e42594
- SHA512
  
  1c4678b79bd5df66a482e7b675cc59ab47afd2504f0299780f5ba4ac4d50fcc2922810ea711e643b7840d2b2803868dbbfc7b4ec9cf45a64147dc6c0adc11da2
- SSDEEP
  
  24576:syZe4m2RBWSuBRJfAcEMtGziooofCmi8bVdbCL:sWtRANBRJfAuZ8KloW
Score

7^/10

aspackv2 discovery
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discovery

behavioral2

aspackv2discovery

© 2018-2025

Terms | Privacy