9109bf9d928cc948f472406e3320e92b5bc01eb7183051dd7f93d4e4e91d29fc | Triage

Submit
Reports

Overview

overview

7

Static

static

5

10057b7ab7...18.exe

windows7-x64

7

10057b7ab7...18.exe

windows10-2004-x64

7

Sharing

General

Target

10057b7ab7615e203c9798df19125a8b_JaffaCakes118
Size

785KB
Sample

241003-wtdygasgqf
MD5

10057b7ab7615e203c9798df19125a8b
SHA1

6b71d2739b1dedbefac05b0c067166798d1f0e08
SHA256

9109bf9d928cc948f472406e3320e92b5bc01eb7183051dd7f93d4e4e91d29fc
SHA512

3160761c9b4f29563e6a05ce3601c3a4fafc0e8e4a098c29a802d24db05176d245bd9beddc883a716751cdc15c962c8a9c146012ea170b818b8e0942220d77ec
SSDEEP

12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitjeg:r5sJo6YrFUiyAak11Ltjeg

Score

7^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

10057b7ab7615e203c9798df19125a8b_JaffaCakes118.exe

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

10057b7ab7615e203c9798df19125a8b_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  10057b7ab7615e203c9798df19125a8b_JaffaCakes118
- Size
  
  785KB
- MD5
  
  10057b7ab7615e203c9798df19125a8b
- SHA1
  
  6b71d2739b1dedbefac05b0c067166798d1f0e08
- SHA256
  
  9109bf9d928cc948f472406e3320e92b5bc01eb7183051dd7f93d4e4e91d29fc
- SHA512
  
  3160761c9b4f29563e6a05ce3601c3a4fafc0e8e4a098c29a802d24db05176d245bd9beddc883a716751cdc15c962c8a9c146012ea170b818b8e0942220d77ec
- SSDEEP
  
  12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitjeg:r5sJo6YrFUiyAak11Ltjeg
Score

7^/10

discovery persistence upx
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy