3baccf30e885f300ab5dd927fff4fc68076810f18b1241dd3399deace01cb7ca | Triage

Submit
Reports

Overview

overview

7

Static

static

7

13f2ab726a...18.exe

windows7-x64

7

13f2ab726a...18.exe

windows10-2004-x64

1

Sharing

General

Target

13f2ab726a51606e1c1a8d0e52ce077e_JaffaCakes118
Size

5.0MB
Sample

240701-jgdqqasgmq
MD5

13f2ab726a51606e1c1a8d0e52ce077e
SHA1

b98692da8b084bc18002766cdca29b4126a2b732
SHA256

3baccf30e885f300ab5dd927fff4fc68076810f18b1241dd3399deace01cb7ca
SHA512

723eb68e19aecb5b0111486d11428eecaa44c77ff78c206566819a4fd2410fb69dd38fe8f044a11742d2a2aec1b5cc27b5ace10cf6fb265e739bca51f7f9946e
SSDEEP

98304:FmiGYXeYMJTfxuO6onW2V3lOXD1qmWrviTNrLCpEDykWXgoh6chjKSLSrZaSZa+U:9GYXeY2crafe1qmlkpIRWXgohLhGS2RC

Score

7^/10

persistence themida

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

13f2ab726a51606e1c1a8d0e52ce077e_JaffaCakes118.exe

Resource

win7-20240508-en

persistence themida

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

13f2ab726a51606e1c1a8d0e52ce077e_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  13f2ab726a51606e1c1a8d0e52ce077e_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  13f2ab726a51606e1c1a8d0e52ce077e
- SHA1
  
  b98692da8b084bc18002766cdca29b4126a2b732
- SHA256
  
  3baccf30e885f300ab5dd927fff4fc68076810f18b1241dd3399deace01cb7ca
- SHA512
  
  723eb68e19aecb5b0111486d11428eecaa44c77ff78c206566819a4fd2410fb69dd38fe8f044a11742d2a2aec1b5cc27b5ace10cf6fb265e739bca51f7f9946e
- SSDEEP
  
  98304:FmiGYXeYMJTfxuO6onW2V3lOXD1qmWrviTNrLCpEDykWXgoh6chjKSLSrZaSZa+U:9GYXeY2crafe1qmlkpIRWXgohLhGS2RC
Score

7^/10

persistence themida
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencethemida

behavioral2

© 2018-2024

Terms | Privacy