a91388f18e57a7c603c9dc31edb86c47ba026386ecf263bd8cb240272d2f769c | Triage

Submit
Reports

Overview

overview

Static

static

5

302ff5578a...18.exe

windows7-x64

302ff5578a...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

302ff5578af56f32ac64a0b5bb94d6e6_JaffaCakes118
Size

215KB
Sample

241010-q5asasydlc
MD5

302ff5578af56f32ac64a0b5bb94d6e6
SHA1

b390f64f27a01e74602453649925962d21919577
SHA256

a91388f18e57a7c603c9dc31edb86c47ba026386ecf263bd8cb240272d2f769c
SHA512

fd74f0b174d624da26d1779274e64764f4c6f70f996d72ed64c9cf0555afa41b93d8e5ea4af937ff6264e720dedf9da905ef0b9d1bf3d86dff8f31fc5d15fd19
SSDEEP

3072:VsQtCOxtvG3TGgBEX+mV3NXujs3PFI7EuEmGTxi06TuNa1+DQPjf4iGHQY:Vsitu7O5xoY3dI7268a12QgX

Score

10^/10

discovery evasion persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

302ff5578af56f32ac64a0b5bb94d6e6_JaffaCakes118.exe

Resource

win7-20241010-en

discovery evasion persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

302ff5578af56f32ac64a0b5bb94d6e6_JaffaCakes118.exe

Resource

win10v2004-20241007-en

discovery evasion persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  302ff5578af56f32ac64a0b5bb94d6e6_JaffaCakes118
- Size
  
  215KB
- MD5
  
  302ff5578af56f32ac64a0b5bb94d6e6
- SHA1
  
  b390f64f27a01e74602453649925962d21919577
- SHA256
  
  a91388f18e57a7c603c9dc31edb86c47ba026386ecf263bd8cb240272d2f769c
- SHA512
  
  fd74f0b174d624da26d1779274e64764f4c6f70f996d72ed64c9cf0555afa41b93d8e5ea4af937ff6264e720dedf9da905ef0b9d1bf3d86dff8f31fc5d15fd19
- SSDEEP
  
  3072:VsQtCOxtvG3TGgBEX+mV3NXujs3PFI7EuEmGTxi06TuNa1+DQPjf4iGHQY:Vsitu7O5xoY3dI7268a12QgX
Score

10^/10

discovery evasion persistence upx
- Modifies firewall policy service
  evasion
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceupx

behavioral2

discoveryevasionpersistenceupx

© 2018-2025

Terms | Privacy