Overview

overview

7

Static

static

7

37df077458...18.exe

windows7-x64

7

37df077458...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    37df077458e43eb706b80d27be285d52_JaffaCakes118

  • Size

    345KB

  • Sample

    240711-f6qvss1emj

  • MD5

    37df077458e43eb706b80d27be285d52

  • SHA1

    0dd6432d8276086a5e3f18f2eac45b2a1cbde2e7

  • SHA256

    14b70336cd626a6ad2f56d5f3058016db672e2c85d589c5542176cf55f6e94dc

  • SHA512

    d5dcedf30e8a642502a4d67e8af89b392bd38ad157b3df986976aed3855c49333660e33c60e4fffdb200b3625cec5f93d37bc01de8b8338c18d43b154a68ee8d

  • SSDEEP

    6144:vzMs/zw1vpM3BlfMkYmgtG94COSNsxRcM48SmYJ0KDpAysbRWOKJ/nxTXTcYT:7//zw1xM3nDgtG+CJN2RcMpYJlu7bRWb

Score
7/10
persistencevmprotect

Malware Config

Targets

    • Target

      37df077458e43eb706b80d27be285d52_JaffaCakes118

    • Size

      345KB

    • MD5

      37df077458e43eb706b80d27be285d52

    • SHA1

      0dd6432d8276086a5e3f18f2eac45b2a1cbde2e7

    • SHA256

      14b70336cd626a6ad2f56d5f3058016db672e2c85d589c5542176cf55f6e94dc

    • SHA512

      d5dcedf30e8a642502a4d67e8af89b392bd38ad157b3df986976aed3855c49333660e33c60e4fffdb200b3625cec5f93d37bc01de8b8338c18d43b154a68ee8d

    • SSDEEP

      6144:vzMs/zw1vpM3BlfMkYmgtG94COSNsxRcM48SmYJ0KDpAysbRWOKJ/nxTXTcYT:7//zw1xM3nDgtG+CJN2RcMpYJlu7bRWb

    Score
    7/10
    persistencevmprotect

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks