b6efac71bda4acfef4f6c7c8cecc54919978d7f9382f3a069a93e6e81ae3ff56 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

ffe2e6c7a9...18.dll

windows7-x64

7

ffe2e6c7a9...18.dll

windows10-2004-x64

7

Sharing

General

Target

ffe2e6c7a913f337cc9cac14cefb13b8_JaffaCakes118
Size

257KB
Sample

240421-w1avdsgg76
MD5

ffe2e6c7a913f337cc9cac14cefb13b8
SHA1

e7e67a9941a8838a74f7f8733624a52dc9324e40
SHA256

b6efac71bda4acfef4f6c7c8cecc54919978d7f9382f3a069a93e6e81ae3ff56
SHA512

68ad40c61234bc9a7266f162545e33889a67287e884a5d2f80b223380eed0e37dc097f03753d918f2d3d0fc38b2c6aed9ec9d2fa1603a72bf63cd58a0eabd011
SSDEEP

3072:Tk6JzOZDK2IIXtnyTzk6FCLqpv5kTL/wxs3VsWlZ0jpbt+H/m/bMk0jfBHkTtTfc:qRK2IIXtxephkTLWsxkpU+/IXDBkzZ

Score

7^/10

vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ffe2e6c7a913f337cc9cac14cefb13b8_JaffaCakes118.dll

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffe2e6c7a913f337cc9cac14cefb13b8_JaffaCakes118.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  ffe2e6c7a913f337cc9cac14cefb13b8_JaffaCakes118
- Size
  
  257KB
- MD5
  
  ffe2e6c7a913f337cc9cac14cefb13b8
- SHA1
  
  e7e67a9941a8838a74f7f8733624a52dc9324e40
- SHA256
  
  b6efac71bda4acfef4f6c7c8cecc54919978d7f9382f3a069a93e6e81ae3ff56
- SHA512
  
  68ad40c61234bc9a7266f162545e33889a67287e884a5d2f80b223380eed0e37dc097f03753d918f2d3d0fc38b2c6aed9ec9d2fa1603a72bf63cd58a0eabd011
- SSDEEP
  
  3072:Tk6JzOZDK2IIXtnyTzk6FCLqpv5kTL/wxs3VsWlZ0jpbt+H/m/bMk0jfBHkTtTfc:qRK2IIXtxephkTLWsxkpU+/IXDBkzZ
Score

7^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy