General

  • Target

    0e06c342697b98f77e29f29458e0bce7_JaffaCakes118

  • Size

    204KB

  • Sample

    240625-pdx8vayfqf

  • MD5

    0e06c342697b98f77e29f29458e0bce7

  • SHA1

    24e56d2bb99ebb3dbdba0038606bafef4c318247

  • SHA256

    a8aa3a05de6aedfa7a1442a60f3c97d858e1f8662c8b4e5a26ea32fe3ccb4230

  • SHA512

    88e8d5d994456524cb9cca79ee10247d24b119b8638e86a4129b80ed1ab6f9e2732b987082a251c31c24221538da1d67740a47c7d76581e19cb82057d79e8be7

  • SSDEEP

    6144:BMNbxOdowG0fkoNtX5L/oNRBM9+bVxygvLm1MYlo/NT8:+Fx50VH5p9+bVxfvlYSV8

Score
7/10

Targets

    • Target

      0e06c342697b98f77e29f29458e0bce7_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer.
