4530efac0bb18e452ee711d30ab61d03082862066f6c70e82a37185179683247 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

25ba805188...18.exe

windows7-x64

7

25ba805188...18.exe

windows10-2004-x64

7

Sharing

General

Target

25ba805188fc85391a0ff1009b0ebe9b_JaffaCakes118
Size

139KB
Sample

240704-wpsaastdrh
MD5

25ba805188fc85391a0ff1009b0ebe9b
SHA1

d45a9f2b1f74bb53ac62f13c38af23e0437e40ba
SHA256

4530efac0bb18e452ee711d30ab61d03082862066f6c70e82a37185179683247
SHA512

19cf927804b586c51a640aa8f3eb4a79ddce8b606e563412c718673f913f5595c169c6321b621c66756be40a2079c3f6e4b4e5d74bb7d45ed9a1766441ff05a1
SSDEEP

3072:uP6V0ELWD58c8qRNgWvJlK+3eqwonAhL+xfeKLGqDTZWylJjl+UQvBP+NA5:uI0ELkPRSWvDK+RwKA5+cKLG+Nnl+dAN

Score

7^/10

aspackv2 persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

25ba805188fc85391a0ff1009b0ebe9b_JaffaCakes118.exe

Resource

win7-20240508-en

aspackv2 persistence

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

25ba805188fc85391a0ff1009b0ebe9b_JaffaCakes118.exe

Resource

win10v2004-20240508-en

aspackv2 persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  25ba805188fc85391a0ff1009b0ebe9b_JaffaCakes118
- Size
  
  139KB
- MD5
  
  25ba805188fc85391a0ff1009b0ebe9b
- SHA1
  
  d45a9f2b1f74bb53ac62f13c38af23e0437e40ba
- SHA256
  
  4530efac0bb18e452ee711d30ab61d03082862066f6c70e82a37185179683247
- SHA512
  
  19cf927804b586c51a640aa8f3eb4a79ddce8b606e563412c718673f913f5595c169c6321b621c66756be40a2079c3f6e4b4e5d74bb7d45ed9a1766441ff05a1
- SSDEEP
  
  3072:uP6V0ELWD58c8qRNgWvJlK+3eqwonAhL+xfeKLGqDTZWylJjl+UQvBP+NA5:uI0ELkPRSWvDK+RwKA5+cKLG+Nnl+dAN
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence

© 2018-2024

Terms | Privacy