482aa4f44b3dbfb69b96cac302c8b475835e49c0c447f20baebafe8a43eb9399 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

8903791d57...18.exe

windows7-x64

8

8903791d57...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

8903791d574cf9681d1d203fa5114960_JaffaCakes118
Size

124KB
Sample

240811-e7yrcszara
MD5

8903791d574cf9681d1d203fa5114960
SHA1

aa03b04f02517b7550be8c4b90508ec95a0df381
SHA256

482aa4f44b3dbfb69b96cac302c8b475835e49c0c447f20baebafe8a43eb9399
SHA512

ea8e2abd08f21ad4958a4347417cebc58873940eb5e7ae9015cf1a6c7b8d55477d24b75798d8e65d823d21e06670b30cfc0f324c9f363225ad7fec4b4dcb159c
SSDEEP

3072:6nrc3XvXYSOQ3nk0RAU1/r6XeM0cgGe61fdcEdXHLODErL:6nrMvXwQ3nkGAUMXeM0cxewfdzXrP

Score

8^/10

discovery evasion vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

8903791d574cf9681d1d203fa5114960_JaffaCakes118.exe

Resource

win7-20240708-en

discovery evasion vmprotect

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

8903791d574cf9681d1d203fa5114960_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion vmprotect

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  8903791d574cf9681d1d203fa5114960_JaffaCakes118
- Size
  
  124KB
- MD5
  
  8903791d574cf9681d1d203fa5114960
- SHA1
  
  aa03b04f02517b7550be8c4b90508ec95a0df381
- SHA256
  
  482aa4f44b3dbfb69b96cac302c8b475835e49c0c447f20baebafe8a43eb9399
- SHA512
  
  ea8e2abd08f21ad4958a4347417cebc58873940eb5e7ae9015cf1a6c7b8d55477d24b75798d8e65d823d21e06670b30cfc0f324c9f363225ad7fec4b4dcb159c
- SSDEEP
  
  3072:6nrc3XvXYSOQ3nk0RAU1/r6XeM0cgGe61fdcEdXHLODErL:6nrMvXwQ3nkGAUMXeM0cxewfdzXrP
Score

8^/10

discovery evasion vmprotect
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionvmprotect

behavioral2

discoveryevasionvmprotect

© 2018-2025

Terms | Privacy