6baa51da775f898b0cd03372be44ea4aa4355ac31c473d92f718b189c2e7b3f5

Sharing

Copy URL

Twitter E-mail

General

Target

2fda5c3ceec5672af11ef4e18f502334_JaffaCakes118
Size

2.0MB
Sample

240709-ll9p3axbpp
MD5

2fda5c3ceec5672af11ef4e18f502334
SHA1

c5eb725f4feae3914c0e962d345b5f8194be7415
SHA256

6baa51da775f898b0cd03372be44ea4aa4355ac31c473d92f718b189c2e7b3f5
SHA512

f582c40a9b485bfa200738afd2105b992d9abc102a2d53affcae9650ed485df028629f9199eefe48b8dce517b90016b342d3fb81cb5e1017a8f15528a383250d
SSDEEP

49152:8IABIG10FuGk6ksbgRyIgziKJMyCI2fMkm:4Ka0oGJksstIiKJRCFJm

Score

7^/10

vmprotect

Malware Config

Targets

- Target
  
  Valkyrie.exe
- Size
  
  1.1MB
- MD5
  
  77950b7144a1afa140e59b695d1a61c3
- SHA1
  
  1335122ffe9b90c2265d83ba4b3f139a5ef4379c
- SHA256
  
  c60077ffe22073e502c1cd0de5e9712370f5b794f481d2066aa0859372a33e84
- SHA512
  
  fe9585697fee1bd03fdcb37514c80b4f140ddaa060f09c617da7f6a57f14f011cd3d6af747dc5ed5a91a546f9a739c11c054c51b5752f6dfce86bcaad9e3471b
- SSDEEP
  
  24576:Ng8O6y2lzBZbSmgO7fo763JvPk0k4HpNvQpD9THF:N1GUZoQxsxT
Score

1^/10
behavioral1 behavioral2
- Target
  
  WallHack.dll
- Size
  
  160KB
- MD5
  
  bb2404176b6b87c415374b77ba385c8b
- SHA1
  
  5bfd694ce33c7003de417e1a9ad13bae3cfc229f
- SHA256
  
  8872a08ea3127543abc403dfeabfb6418936d61e1c9c10d328bd7c7f26fb0fb0
- SHA512
  
  0d48045b2a936d61c2d74db1a33f611533372943be57c00dc219a4f2ebd29e7e2e4a93181874b2a227d9b70d3d30c6ad05d22bd8ed4c3ff12f23ada4d154d644
- SSDEEP
  
  3072:IsS25sV8jvkKilsNhlquXJR3ve4cxL9jFkWUCKEl9/GKcGj:IsSm6KkhmDlBZULw53aoKj
Score

7^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral3 behavioral4
- Target
  
  x64/msvcr100.dll
- Size
  
  808KB
- MD5
  
  aed6d63cfa5a3ef7021af9c457fee994
- SHA1
  
  f6ad746ef520b03df6cf0f5a2512d0df964c4688
- SHA256
  
  b4bfa27f677295b00a1df9a7e14db4b75cac2dd41b898d4e9a378eccce3699f0
- SHA512
  
  5573b17eb19d13cc96df5d66ef60cc8ff98e1ac9d8582a870ed2befa28ee271fb41741a92aa703234150fceadf4a436d10b8a6518c1816d0c804eb1261650d2d
- SSDEEP
  
  24576:C5e4L1vwTowTWqwVeeK7R/myyKgn9IrzOI:C5e4LfUWqAacn9Y
Score

1^/10
behavioral5 behavioral6
- Target
  
  x64/msvcr100d.dll
- Size
  
  1.8MB
- MD5
  
  acb4573209fc9f335e242017c3064e5c
- SHA1
  
  e6e658ae0bddc6dea759d716e1bedaf679d44c81
- SHA256
  
  c9fff0b1022356e563929ccdc89936f6a2c0e39a5550c3d12e3d08cd784013e6
- SHA512
  
  97a5d4e5c9be45f99a6e2fc892055c1659522d2d6306c0a175c566fb6b969c7cdab23bb07c3c196ca7e3bddd0d286ea51317e1403b4db037bbb75b44b75ac123
- SSDEEP
  
  24576:12e5e7DKWXkG3fAXBTZsjMPv1sAalamNyBe/4zSU:xLWvYXscsAalk
Score

1^/10
behavioral7 behavioral8
- Target
  
  x86/msvcr100.dll
- Size
  
  752KB
- MD5
  
  67ec459e42d3081dd8fd34356f7cafc1
- SHA1
  
  1738050616169d5b17b5adac3ff0370b8c642734
- SHA256
  
  1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
- SHA512
  
  9ed1c106df217e0b4e4fbd1f4275486ceba1d8a225d6c7e47b854b0b5e6158135b81be926f51db0ad5c624f9bd1d09282332cf064680dc9f7d287073b9686d33
- SSDEEP
  
  12288:fQmCy3NeRjkpQmj3oaMtQqjoygfXq3kon9IlbgaOxQdVJJ6j5EBKX8hR5:ImCy3VQs9MtLjTgfa3kon9FaOdEz5
Score

3^/10
behavioral10 behavioral9
- Target
  
  x86/msvcr100d.dll
- Size
  
  1.4MB
- MD5
  
  b245bf00ba8c1196dbf8c2bd5dec9f60
- SHA1
  
  3090b2365ef1c3dbb378d309ee4b9aa811548e07
- SHA256
  
  80e8c0147f9960c8982092a4b43329835dc394036306bdd1a763bb59eb3d751b
- SHA512
  
  45b453c117fe3ae541eb9af0f8c7fff12dba4c83c95b6ab53027ba5650e44483738cbac34b2847b5830697c66d537dcbc54e76c0235ce7bfa3f9aacdfce685a3
- SSDEEP
  
  24576:7m/wTbJniLOB8QyruNelIQrTLGA1IZxvW6q9yNxsjcLO++yR6lPUoLpmLy4fAh:718QyruNwrXGAujvn84qcOvv
Score

3^/10
behavioral11 behavioral12

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

VMProtect packed file

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12