0d738830fb6666fa2d199e7bd3e9fd6b8dcbb13d474867a746fb97ca2ce15e02 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

1bd0b2857c...18.exe

windows7-x64

9

1bd0b2857c...18.exe

windows10-2004-x64

9

Sharing

General

Target

1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118
Size

1.4MB
Sample

240701-vn7sxstclq
MD5

1bd0b2857c5ca1d309b200fcc047b88d
SHA1

d32748049534bb0dcbdff75538a1f7a2467b72b9
SHA256

0d738830fb6666fa2d199e7bd3e9fd6b8dcbb13d474867a746fb97ca2ce15e02
SHA512

6f74139e136434ce64af1e091b21c16687acbbf88d8ab574d43b9a65e94480e6f8c0beb649e6ae27033e103537f7ec742e9cb8ba08baa9091eb198b9d3783c1f
SSDEEP

24576:xMTIkEmC0Dhrr8ckM2DD4J1NiD29BhLTi/bGP6h5FbnjIwnBeF7K+emesnedr:xlkDPRrSsT5TLu/SPe55kuAUmvG

Score

9^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118.exe

Resource

win7-20240611-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  1bd0b2857c5ca1d309b200fcc047b88d
- SHA1
  
  d32748049534bb0dcbdff75538a1f7a2467b72b9
- SHA256
  
  0d738830fb6666fa2d199e7bd3e9fd6b8dcbb13d474867a746fb97ca2ce15e02
- SHA512
  
  6f74139e136434ce64af1e091b21c16687acbbf88d8ab574d43b9a65e94480e6f8c0beb649e6ae27033e103537f7ec742e9cb8ba08baa9091eb198b9d3783c1f
- SSDEEP
  
  24576:xMTIkEmC0Dhrr8ckM2DD4J1NiD29BhLTi/bGP6h5FbnjIwnBeF7K+emesnedr:xlkDPRrSsT5TLu/SPe55kuAUmvG
Score

9^/10

collection upx
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy