Overview

overview

8

Static

static

3

23fc6ff12f...18.exe

windows7-x64

8

23fc6ff12f...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    23fc6ff12ffa4c5cf5f7387059748f1a_JaffaCakes118

  • Size

    491KB

  • Sample

    240704-amwn2stfmk

  • MD5

    23fc6ff12ffa4c5cf5f7387059748f1a

  • SHA1

    d4bd1507bbe0879195bfb050ab5db52178b4e1d5

  • SHA256

    b3607a8145ce16dcf1599b10651ea389fd706104ab42d909b8308a8a27376eb0

  • SHA512

    5f8e025f1fd4ee4bfc4d3a8d8e9d1db92dacbc2e8a86ed58face09b7df4af7af3fb32d74a966802262dceda9621fe359bd9362d6a9f14f0675397d26ea33e5ed

  • SSDEEP

    6144:K86f9AEBA39SD/WHXr/ajGFBu+dHX6WT33L2mMwbVdn:UJBAkD/W31DhXFTSUVd

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      23fc6ff12ffa4c5cf5f7387059748f1a_JaffaCakes118

    • Size

      491KB

    • MD5

      23fc6ff12ffa4c5cf5f7387059748f1a

    • SHA1

      d4bd1507bbe0879195bfb050ab5db52178b4e1d5

    • SHA256

      b3607a8145ce16dcf1599b10651ea389fd706104ab42d909b8308a8a27376eb0

    • SHA512

      5f8e025f1fd4ee4bfc4d3a8d8e9d1db92dacbc2e8a86ed58face09b7df4af7af3fb32d74a966802262dceda9621fe359bd9362d6a9f14f0675397d26ea33e5ed

    • SSDEEP

      6144:K86f9AEBA39SD/WHXr/ajGFBu+dHX6WT33L2mMwbVdn:UJBAkD/W31DhXFTSUVd

    Score
    8/10
    persistencevmprotect

    • Server Software Component: Terminal Services DLL

      persistence

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks