General

  • Target

    7539a322cf2cd2192daac49c5e4f3bfc_JaffaCakes118

  • Size

    924KB

  • Sample

    240526-mt1b2afe5t

  • MD5

    7539a322cf2cd2192daac49c5e4f3bfc

  • SHA1

    715adc7ea8685afc04e967d70e341c51159e439d

  • SHA256

    8022038f7d3286f02c70800b2863314c8251065bb463428718f70f3f8f9d8443

  • SHA512

    dfe645ac5bfa09e4990684cb97a5d6b30e58e32fdc1d002d6fbcc504cf72ed89a2f5c9f99038ddbba89d3a8007d4162e5defa2f39c8bf6aa9e4ef118dc4c3fb1

  • SSDEEP

    24576:3IoqowuqRK8glBrA9k0P3CBM0PjGKn4JdZb4zT0a+CALGx685AKUyT:KowrKBPbEyLPjWOzT0a+CALu5A0

Score
7/10

Malware Config

Targets

    • Target

      Pkpm2007/dic32.dll

    • Size

      524KB

    • MD5

      2e89d8f9cf51b2275ca999ca18295441

    • SHA1

      836f388aa254abf4ffa26df5cd4e7f4811a5af1b

    • SHA256

      49988e093cb4fbeabf5ea3dcda0b93d508cfa7817f7c00070e7ae3946b90be15

    • SHA512

      16374fc651a8030ace06244bf39dd2a60c3666cee090c1ddd85a25139c2748ad905b7ebe3b434a40ff8c9df188e36c0191b8a952e0a4aaf6146744bd0c945305

    • SSDEEP

      6144:VwSSfS9aakkaoCj6MbJ+QxEE+K0aVwWL4XwNU+IT:VwSSa9aOy+EFpI

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      Pkpm2007/setupapi.dll

    • Size

      536KB

    • MD5

      d4cbd86669115dacaf336ebc43c19df2

    • SHA1

      5cc42ba130a50c2c78f7db58dde19f94c0ba3dc9

    • SHA256

      6d222f3e46e9ef79a0d6041196983cb1cc3e81b3c71c0bb1c88881990c992789

    • SHA512

      94614e9873dce35becff87e4fce61b1f6ec7d88c47b5f0887df72c27ee6c94e0ac9d502890dbd3a74b4ad05eb6905870f2a29faac35a2119e36dd622106fcc2b

    • SSDEEP

      6144:7X1D3JUyvsoxBal1+ZuY/iVg+BbnyUa+z65UEaFhzXGBm0z+V:D1S4BaT+ZFiVg+1yUnOlApYm0aV

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      Pkpm2007/winscard.dll

    • Size

      680KB

    • MD5

      18df1f8d0e8342c7c99bf60bf8caa729

    • SHA1

      5606179eda548a4fa1eeab6a30e0d3e7a68c11d0

    • SHA256

      9464617fae00a88eebb6d29e552814dffa4809bcf62f5fed189b38bcba03d106

    • SHA512

      5ef55e86b8801ec05b02ac7bb81d5d5488c23565ecb846261ffab8ccdb07492a76a7528cac6110de85869b2eb0efe7f0dc592fec2bd0271b4100b6f443b70648

    • SSDEEP

      6144:OGb7f9WguGpakkaoCj6MbJ+QxEE+K0aVwWL4XwNU8i3CcpqF5ZanRHjGH6IaZi7O:7b7f96GpOy+EFkC0qP0RPIS

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
