General

  • Target

    110c3b92a77779be27abcd0ac02c3225_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240626-hcaylazhka

  • MD5

    110c3b92a77779be27abcd0ac02c3225

  • SHA1

    73188bf98d7b2a2874b5d33cf5ac3612197bff4d

  • SHA256

    7b45224ffa98dee12de481881d46aa8026cc72fbb6b8e927a69dbe6fbc18ebb7

  • SHA512

    bc4a72e0cfbd3ffc128775951715f7a945cba076c5df72476fdc65025d96af42add27a26292e9087cf39374250014857fa0f6ab2ee727e0cfe357e7fc1e78efb

  • SSDEEP

    24576:dsH/ONnWqYZJp8yiJZbbkoIXG6ZEJBWlKKkkzG0u0tfZXQqB2:dsfMJs8QXG6ZAB8vkgjNQu

Score
7/10

Targets

    • Target

      110c3b92a77779be27abcd0ac02c3225_JaffaCakes118

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
