61b96fe6073ca5d9a2f4a07c4765ff749aa5bcc1eefe570dc1eced1c3af377e2 | Triage

Submit
Reports

Overview

overview

Static

static

5

36f7e45da5...18.exe

windows7-x64

36f7e45da5...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

36f7e45da5a5ae75c0a33e432b3be972_JaffaCakes118
Size

449KB
Sample

241011-1p9a2azhjp
MD5

36f7e45da5a5ae75c0a33e432b3be972
SHA1

1fef07b9e86239f2498f7906fb09f91c61ef3cf4
SHA256

61b96fe6073ca5d9a2f4a07c4765ff749aa5bcc1eefe570dc1eced1c3af377e2
SHA512

42541e58de1fd789d0cf3c18dadc13a53e76dd5394d01f1740b34ef07a4d4b5b11668be8ccc0a0cc19c691c883906d0b7f6fadafecbc515954551040b8f5bb56
SSDEEP

12288:ZZgJpAIUYkFrrlYWDxhRCIwYeatMR9CUuRq:ZykBemrRCIwYe8MR93uo

Score

10^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

36f7e45da5a5ae75c0a33e432b3be972_JaffaCakes118.exe

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

36f7e45da5a5ae75c0a33e432b3be972_JaffaCakes118.exe

Resource

win10v2004-20241007-en

discovery persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  36f7e45da5a5ae75c0a33e432b3be972_JaffaCakes118
- Size
  
  449KB
- MD5
  
  36f7e45da5a5ae75c0a33e432b3be972
- SHA1
  
  1fef07b9e86239f2498f7906fb09f91c61ef3cf4
- SHA256
  
  61b96fe6073ca5d9a2f4a07c4765ff749aa5bcc1eefe570dc1eced1c3af377e2
- SHA512
  
  42541e58de1fd789d0cf3c18dadc13a53e76dd5394d01f1740b34ef07a4d4b5b11668be8ccc0a0cc19c691c883906d0b7f6fadafecbc515954551040b8f5bb56
- SSDEEP
  
  12288:ZZgJpAIUYkFrrlYWDxhRCIwYeatMR9CUuRq:ZykBemrRCIwYe8MR93uo
Score

10^/10

discovery persistence upx
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy