b22c51e018397d4e4dda03a18f10d787c3fa966ddf8b1429eea2c118f7de4595 | Triage

Submit
Reports

Overview

overview

6

Static

static

5

2f595b8acb...18.exe

windows7-x64

6

2f595b8acb...18.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

Target

2f595b8acb65bbf5264342442f8d3077_JaffaCakes118
Size

50KB
Sample

241009-mcswmatara
MD5

2f595b8acb65bbf5264342442f8d3077
SHA1

bd7ac08d2fe047476eaa4eb9b7172b5dbbace013
SHA256

b22c51e018397d4e4dda03a18f10d787c3fa966ddf8b1429eea2c118f7de4595
SHA512

99b2d9174c8618ff26717f5c2431f0e796686ee86d41639ed54c527150a3e67c285d9c0e681f7ee0af6c043426fb3ac14c35b8b298cc656cd799f772f357d778
SSDEEP

768:njtCpMIpNTmP0dRHlhD3w42Yb+VdHbaQ/hjGWOMUK+tGDoIwnbPmeiJyXDmis:njUB3D3PlOdHbauj2bmeniF

Score

6^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2f595b8acb65bbf5264342442f8d3077_JaffaCakes118.exe

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2f595b8acb65bbf5264342442f8d3077_JaffaCakes118.exe

Resource

win10v2004-20241007-en

discovery persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f595b8acb65bbf5264342442f8d3077_JaffaCakes118
- Size
  
  50KB
- MD5
  
  2f595b8acb65bbf5264342442f8d3077
- SHA1
  
  bd7ac08d2fe047476eaa4eb9b7172b5dbbace013
- SHA256
  
  b22c51e018397d4e4dda03a18f10d787c3fa966ddf8b1429eea2c118f7de4595
- SHA512
  
  99b2d9174c8618ff26717f5c2431f0e796686ee86d41639ed54c527150a3e67c285d9c0e681f7ee0af6c043426fb3ac14c35b8b298cc656cd799f772f357d778
- SSDEEP
  
  768:njtCpMIpNTmP0dRHlhD3w42Yb+VdHbaQ/hjGWOMUK+tGDoIwnbPmeiJyXDmis:njUB3D3PlOdHbauj2bmeniF
Score

6^/10

discovery persistence upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy