General

  • Target: 129c7227c1b8da647b073239a33d9b37_JaffaCakes118
  • Size: 731KB
  • Sample: 240626-tq1lyssbrh
  • MD5: 129c7227c1b8da647b073239a33d9b37
  • SHA1: a16a76d85cc444669059a31af010d0fd75cc7fdf
  • SHA256: 9421ed4e105261407c4514cba30a15e88410ce9cf1dc0d7fe1677e807bde6ac8
  • SHA512: 7af2c54bd6718030ae6af664cea8f9f37c729272e382fb1c22cad4ed9c0fe9b35e142ebc36efd99b43042c83c89cac4c930e9dc99e2d8844d202b572e37ae1f0
  • SSDEEP: 12288:WF7cMDkCMc5k/E+kPsVDvCOHY0ww6RjHUYXRfgaByBOySuTb0jnBwZwDpILR2lv:WF7c7CUhkE740wxRbUYhIaaRzb0dwZwf

Score: 7/10

Malware Config

Targets

    • Target: SKIDROW.dll
    • Size: 190KB
    • MD5: 9c165ce0058bd9ecb6e63b45bfcae774
    • SHA1: 5b31fb5741304e8486acfd81e30b314b87a28e9f
    • SHA256: 9d68ac98257f221338c3aacde0087bc9520deecd5dd8ad5148472404a4ce4c66
    • SHA512: ee73b88da8e92c50240e91bb95e7f8ff0b805150c4c57c4473eec14869a935b20f1a039dde73b6764e9d79932dc0e1fb3b50dfb2711785c41208d45a933a6383
    • SSDEEP: 3072:Zsambyd5b+IpZQ85xgetYK+yNCFyQIO1zPN0O7BdPe9exbEaDQZyFHpBKBGPt+lV:suL3NvYGCkfOBPiOnGkbEaUyFJBvFcH
    • Score: 7/10
    • Signatures:
      • VMProtect packed file: Detects executables packed with VMProtect commercial packer.
      • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: binkw32.dll
    • Size: 211KB
    • MD5: c57a6b53983d354a34bbbbb2abc5353c
    • SHA1: f98bcb7bcadcc0240cabfbcb26f5c48a7fb9e8b6
    • SHA256: adcf7f7fd4d2867dcae8a11ae9bdf16ead4757d0923aef6b76c5dc80604e00ef
    • SHA512: a610c2fe24246b226feaf5b14b6d34bbfc119b98124d0395bc8b458e9c6023984b6c21920d8d0f818d7db2aff5e90ab70b8e07ed35aa6b31f51230453004e4d0
    • SSDEEP: 6144:kg/iRYjRnukd+N7+mU3indjSoI5hHLXA8I:kg/iERDdSqmUBr
    • Score: 7/10
    • Signatures:
      • VMProtect packed file: Detects executables packed with VMProtect commercial packer.
      • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: paul.dll
    • Size: 435KB
    • MD5: 3cede5482f2930719d9bd2946dcd7b77
    • SHA1: 21c23c470bdabb763d2fc372d86e9d3fb9f923ae
    • SHA256: 34a3852460b2e63c6f0443f2e28876d317b2964ed8a602944b18937368cfc2b6
    • SHA512: 9157ac7dd5c496dfc3935fa198f6a1a2d0c764b169270fbfb92ab0c997065da2cec438d8fc410446faa1d4589ad4651a08a52fed19ef3ac5f98869bc8f17e1a9
    • SSDEEP: 6144:C0n4XCCluMxcG/gLZTn3MRU/7J2CI2DL4PYjnCqwq91GcxYbmchqQYvwYJf7j9SQ:NJH4w3YU/wQ4P8CPq1cwrvwg7j9SYP
    • Score: 7/10
    • Signatures:
      • VMProtect packed file: Detects executables packed with VMProtect commercial packer.

MITRE ATT&CK Matrix

Tasks