a44acceafef289327661bab33ebc7508f5b6a25c626f4a02d56f570e938dd72d | Triage

Submit
Reports

Overview

overview

7

Static

static

5

fe40c41930...18.dll

windows7-x64

5

fe40c41930...18.dll

windows10-2004-x64

7

Sharing

General

Target

fe40c419302f54cca686fdf2ba0ffb7f_JaffaCakes118
Size

111KB
Sample

240929-lkw3ks1eqa
MD5

fe40c419302f54cca686fdf2ba0ffb7f
SHA1

c1ffe9d45a1547ed5bf025c135acc34d5d328679
SHA256

a44acceafef289327661bab33ebc7508f5b6a25c626f4a02d56f570e938dd72d
SHA512

b6ec9b388d572d157452defa32461b9db6cf2f681456d50c6b8aa497e55cc36df31553939f3d9459957960ed3f9dc25aad0464f3fd4df783ea304fabbbc3c628
SSDEEP

1536:+ZFUCATS4mfJKHXWRNaw59dbDgL8ItRKiMRRYSTqD4Ip:+4bVKqKPYSM4c

Score

7^/10

defense_evasion discovery privilege_escalation upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fe40c419302f54cca686fdf2ba0ffb7f_JaffaCakes118.dll

Resource

win7-20240903-en

defense_evasion discovery privilege_escalation upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe40c419302f54cca686fdf2ba0ffb7f_JaffaCakes118.dll

Resource

win10v2004-20240802-en

defense_evasion discovery privilege_escalation upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  fe40c419302f54cca686fdf2ba0ffb7f_JaffaCakes118
- Size
  
  111KB
- MD5
  
  fe40c419302f54cca686fdf2ba0ffb7f
- SHA1
  
  c1ffe9d45a1547ed5bf025c135acc34d5d328679
- SHA256
  
  a44acceafef289327661bab33ebc7508f5b6a25c626f4a02d56f570e938dd72d
- SHA512
  
  b6ec9b388d572d157452defa32461b9db6cf2f681456d50c6b8aa497e55cc36df31553939f3d9459957960ed3f9dc25aad0464f3fd4df783ea304fabbbc3c628
- SSDEEP
  
  1536:+ZFUCATS4mfJKHXWRNaw59dbDgL8ItRKiMRRYSTqD4Ip:+4bVKqKPYSM4c
Score

7^/10

defense_evasion discovery privilege_escalation upx
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalationupx

behavioral2

defense_evasiondiscoveryprivilege_escalationupx

© 2018-2025

Terms | Privacy