Overview

overview

7

Static

static

7

89235cd3d7...18.exe

windows7-x64

7

89235cd3d7...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    89235cd3d74f0bd2d38f45d0905455ef_JaffaCakes118

  • Size

    78KB

  • Sample

    240811-fy2x4a1anf

  • MD5

    89235cd3d74f0bd2d38f45d0905455ef

  • SHA1

    9417f596531107bc00d984ae412cbd8ac616c689

  • SHA256

    69535edae9c088c354448a29c2a2aef319076d9c2a0efc3f4f39bd4b71c3036e

  • SHA512

    7719012155c58212862aece4d80350e3cbff26c47006e55e972f9aca29a8f65c523ec8ebbc5c0577239a6a506ccc1c282a252010dcf41f2280040ca6a8f56aad

  • SSDEEP

    1536:JD81ltFa7ZTq3mk2BlBPDdY2p5WYt1m+9uW/wgC/9jxAMjVYrs+yxrQf:2hFa7Z+WPBlzYek01mo/FCjd0sj0

Score
7/10
defense_evasiondiscoveryvmprotect

Malware Config

Targets

    • Target

      89235cd3d74f0bd2d38f45d0905455ef_JaffaCakes118

    • Size

      78KB

    • MD5

      89235cd3d74f0bd2d38f45d0905455ef

    • SHA1

      9417f596531107bc00d984ae412cbd8ac616c689

    • SHA256

      69535edae9c088c354448a29c2a2aef319076d9c2a0efc3f4f39bd4b71c3036e

    • SHA512

      7719012155c58212862aece4d80350e3cbff26c47006e55e972f9aca29a8f65c523ec8ebbc5c0577239a6a506ccc1c282a252010dcf41f2280040ca6a8f56aad

    • SSDEEP

      1536:JD81ltFa7ZTq3mk2BlBPDdY2p5WYt1m+9uW/wgC/9jxAMjVYrs+yxrQf:2hFa7Z+WPBlzYek01mo/FCjd0sj0

    Score
    7/10
    defense_evasiondiscoveryvmprotect

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks