35f9bd500821bc87c7ffc4db83fa170ce98c78c760f2086aef6e1bc9073d17b3 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

5744709146...18.dll

windows7-x64

8

5744709146...18.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

57447091469f7fa776a9c0936500fd68_JaffaCakes118
Size

113KB
Sample

241018-nx963sxglp
MD5

57447091469f7fa776a9c0936500fd68
SHA1

c5ea2aa2200d68e27bd14726ac6e7beabf2f91dc
SHA256

35f9bd500821bc87c7ffc4db83fa170ce98c78c760f2086aef6e1bc9073d17b3
SHA512

f485b25fb33562f42ef31600d4e311fcbc682fc192d2725c198043473a95f6ed61ca9eee314ad1c3aac8cdf2436fc83ee834894661c102f40ddf9d249f020c7b
SSDEEP

1536:TT0cOaL/89xV91c7twoOKeL2CjLLbkovF1yErs85wf5Wd26yn1F1dRg1EX:TT0cOaLaz9C75OhXIoVrHeEdwQS

Score

8^/10

discovery persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

57447091469f7fa776a9c0936500fd68_JaffaCakes118.dll

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

57447091469f7fa776a9c0936500fd68_JaffaCakes118.dll

Resource

win10v2004-20241007-en

discovery persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  57447091469f7fa776a9c0936500fd68_JaffaCakes118
- Size
  
  113KB
- MD5
  
  57447091469f7fa776a9c0936500fd68
- SHA1
  
  c5ea2aa2200d68e27bd14726ac6e7beabf2f91dc
- SHA256
  
  35f9bd500821bc87c7ffc4db83fa170ce98c78c760f2086aef6e1bc9073d17b3
- SHA512
  
  f485b25fb33562f42ef31600d4e311fcbc682fc192d2725c198043473a95f6ed61ca9eee314ad1c3aac8cdf2436fc83ee834894661c102f40ddf9d249f020c7b
- SSDEEP
  
  1536:TT0cOaL/89xV91c7twoOKeL2CjLLbkovF1yErs85wf5Wd26yn1F1dRg1EX:TT0cOaLaz9C75OhXIoVrHeEdwQS
Score

8^/10

discovery persistence upx
- Blocklisted process makes network request
- Server Software Component: Terminal Services DLL
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy