Overview

overview

10

Static

static

7

a6e465f56d...18.exe

windows7-x64

10

a6e465f56d...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    a6e465f56d10818fa96e0e1ba4a8509e_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240818-q3phnswdla

  • MD5

    a6e465f56d10818fa96e0e1ba4a8509e

  • SHA1

    19226c78b4550d74517c3ea4a617fe67fbd4d8ce

  • SHA256

    ff6ab3a4ec688c438e71522787570bca839f4138180fde5d8ead7019b3265286

  • SHA512

    abb8e14bf9e5486bff2855ce204791d66e3c332099305017e2c8017934e11856b0836d7cf3e6cf47347de1ab730ab6cfebff1421d8237a1c3f85f5a1d415134c

  • SSDEEP

    24576:/I9GBWRQIW77VtO4/pZhEWTZSTWo1hJaDR5Bw5tyl9Y:gbZyjNZ/o7Jgoyl9Y

Score
10/10
discoveryevasiontrojanvmprotect

Malware Config

Targets

    • Target

      a6e465f56d10818fa96e0e1ba4a8509e_JaffaCakes118

    • Size

      1.2MB

    • MD5

      a6e465f56d10818fa96e0e1ba4a8509e

    • SHA1

      19226c78b4550d74517c3ea4a617fe67fbd4d8ce

    • SHA256

      ff6ab3a4ec688c438e71522787570bca839f4138180fde5d8ead7019b3265286

    • SHA512

      abb8e14bf9e5486bff2855ce204791d66e3c332099305017e2c8017934e11856b0836d7cf3e6cf47347de1ab730ab6cfebff1421d8237a1c3f85f5a1d415134c

    • SSDEEP

      24576:/I9GBWRQIW77VtO4/pZhEWTZSTWo1hJaDR5Bw5tyl9Y:gbZyjNZ/o7Jgoyl9Y

    Score
    10/10
    evasiontrojanvmprotectdiscovery

    • UAC bypass

      evasiontrojan

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks