General

  • Target

    12fd80d719f40e01670aaf01644157d6_JaffaCakes118

  • Size

    498KB

  • Sample

    240626-w69wnszdpj

  • MD5

    12fd80d719f40e01670aaf01644157d6

  • SHA1

    047b973f3c99037d28d2f9561523ae66348e6aae

  • SHA256

    d924a7cbd20d9298efc667d394f577f662ac96965ab93fe4430ad8c34de223c1

  • SHA512

    e90a988b4ec468faee1761f3ed31a23245d03f7de92634afd56b10ca5045498331f0776bd6777a8384f6e25b5e49107678cd08792bd5cbdc5eb7aa0a3d4ac706

  • SSDEEP

    12288:xmndhEM0JQWbDL0tj5WI6cHfiH1eiZ2L/04y+WsymGEcvH:MdmMo1L0tlWp3VEc9mGEuH

Score
7/10

Targets

    • Target

      SKIDROW.dll

    • Size

      164KB

    • MD5

      4d4c61243e1ddcd230c9899071e17e89

    • SHA1

      93ad9b4dadb7054601dd06fd35ff4f0f80e30e52

    • SHA256

      0474bec353472ed54de747abdbd3b714c20642efb72da4d4162ce5b3fdb25125

    • SHA512

      37f8708311ee347f6f79280375b94e446fdb3342eedc2f5b5397edd481caa8df18963fbe8038893a245b0a002737f4fc6f1cb9ef11bc3165e2b995c63da36f3e

    • SSDEEP

      3072:skz9Cd1RS2nmFQFjnLg2UTY5S4D90yCzd4gRGpKJ9dJlgZFZ:3z8d7S2mF0jnL73VDayY4gKKvKv

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      fmodex.dll

    • Size

      370KB

    • MD5

      cd556e064421385ff1cbe9df2689a45f

    • SHA1

      0ce903745267347e2d5e0163b0449f34dd7a21d5

    • SHA256

      3528aaae6cc5557e3eb4d0cb0cf213bfed61e0cb6e70208b53daa416c90e01e8

    • SHA512

      2ed5ef0d3bb541fd93ad506378746beaff433deeaeaa04f86a3cf5488b903c3bd19c7e4126a39e756588b3208c134b861d2fc1111e68dc4fc8302907657dab5c

    • SSDEEP

      6144:IXL/jNLvOdb3iK5OPQuOm5NnceLgqfCJ4LjnvQqE1BQCAi9t+1lmecCtEp12Beli:IjpLvOKOmLn9LgqfCWjv9GiNi9t

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
