Overview

overview

7

Static

static

7

a2f929a889...18.exe

windows7-x64

7

a2f929a889...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2f929a88967a49fa71c8634ae08e501_JaffaCakes118

  • Size

    732KB

  • Sample

    240817-r7x62s1dqb

  • MD5

    a2f929a88967a49fa71c8634ae08e501

  • SHA1

    3755b358bcc94d2971b1bec116b6aae187870fd3

  • SHA256

    f31a6512985f360842c02adcb1651cd41f76455e932d2cdc42312e07310a020a

  • SHA512

    c7ea89329e513fc0580a2e8583e3e23cb70902437f63bdaab43c35f4d053c5b0bba60e39a57095b583fa34e8ff8112f6f9ef39fb6371c48695f150dbd900141f

  • SSDEEP

    12288:6Q9Ao1j3QmlNA+FE4MVjtbgYoxQAXzeqFLNv9GKRUBAZ7:6Q713QmltbS8+AXzeORv9GK2at

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      a2f929a88967a49fa71c8634ae08e501_JaffaCakes118

    • Size

      732KB

    • MD5

      a2f929a88967a49fa71c8634ae08e501

    • SHA1

      3755b358bcc94d2971b1bec116b6aae187870fd3

    • SHA256

      f31a6512985f360842c02adcb1651cd41f76455e932d2cdc42312e07310a020a

    • SHA512

      c7ea89329e513fc0580a2e8583e3e23cb70902437f63bdaab43c35f4d053c5b0bba60e39a57095b583fa34e8ff8112f6f9ef39fb6371c48695f150dbd900141f

    • SSDEEP

      12288:6Q9Ao1j3QmlNA+FE4MVjtbgYoxQAXzeqFLNv9GKRUBAZ7:6Q713QmltbS8+AXzeORv9GK2at

    Score
    7/10
    discoveryvmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks