3a637cfb07b33cdf68fc408cf1aa00af12a0bdb640e359492515162a39f97e12 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

44fd98fa86...18.exe

windows7-x64

9

44fd98fa86...18.exe

windows10-2004-x64

9

Sharing

General

Target

44fd98fa86411b49920746daf3bd2b22_JaffaCakes118
Size

524KB
Sample

241015-a38njsvdnf
MD5

44fd98fa86411b49920746daf3bd2b22
SHA1

193e016f22150fbd8d3a7c6ad9882a36ee771dae
SHA256

3a637cfb07b33cdf68fc408cf1aa00af12a0bdb640e359492515162a39f97e12
SHA512

9db3dc938b06ba36627bc7c1fdac0cb21a2061d887a93ca6ef68cb59ec9bf234e589c765752f02e13d603b9612611727b2f4ff6ef6d5366d60d9083555d2d97a
SSDEEP

12288:AJuKBAjsT2ws4GrRu2QRqxqlOy8AF05yHk67zR960LF:AJuXsTuRRu2wqNGIyHr96i

Score

9^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

44fd98fa86411b49920746daf3bd2b22_JaffaCakes118.exe

Resource

win7-20240903-en

discovery evasion

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

44fd98fa86411b49920746daf3bd2b22_JaffaCakes118.exe

Resource

win10v2004-20241007-en

discovery evasion

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  44fd98fa86411b49920746daf3bd2b22_JaffaCakes118
- Size
  
  524KB
- MD5
  
  44fd98fa86411b49920746daf3bd2b22
- SHA1
  
  193e016f22150fbd8d3a7c6ad9882a36ee771dae
- SHA256
  
  3a637cfb07b33cdf68fc408cf1aa00af12a0bdb640e359492515162a39f97e12
- SHA512
  
  9db3dc938b06ba36627bc7c1fdac0cb21a2061d887a93ca6ef68cb59ec9bf234e589c765752f02e13d603b9612611727b2f4ff6ef6d5366d60d9083555d2d97a
- SSDEEP
  
  12288:AJuKBAjsT2ws4GrRu2QRqxqlOy8AF05yHk67zR960LF:AJuXsTuRRu2wqNGIyHr96i
Score

9^/10

discovery evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy