Overview

overview

7

Static

static

7

aa83af9984...18.dll

windows7-x64

7

aa83af9984...18.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aa83af99843e5acb69f85cd778294d59_JaffaCakes118

  • Size

    116KB

  • Sample

    240819-lpaedaxalc

  • MD5

    aa83af99843e5acb69f85cd778294d59

  • SHA1

    c98bbe9029b9a14804040cc655a7915542fd3aed

  • SHA256

    1a4598e530dbab0c338cdf323b7e74bc420aa3eae2036ae91c4f52479658379f

  • SHA512

    3b63e5a151e54d4d87361b28af95ccad8ce63e70082e0e6c41178ce9ee1907417fbfba1edf1aa845155e6313301dd2efb6c1ddb4f299a571e2001a22a0ac32e8

  • SSDEEP

    3072:yv4/6jfCX1DqMtZBkrVr9eK2/gqbTkKm/smKcua6/JRYs:4RfU1LerVrg/g7f/smnua6R

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      aa83af99843e5acb69f85cd778294d59_JaffaCakes118

    • Size

      116KB

    • MD5

      aa83af99843e5acb69f85cd778294d59

    • SHA1

      c98bbe9029b9a14804040cc655a7915542fd3aed

    • SHA256

      1a4598e530dbab0c338cdf323b7e74bc420aa3eae2036ae91c4f52479658379f

    • SHA512

      3b63e5a151e54d4d87361b28af95ccad8ce63e70082e0e6c41178ce9ee1907417fbfba1edf1aa845155e6313301dd2efb6c1ddb4f299a571e2001a22a0ac32e8

    • SSDEEP

      3072:yv4/6jfCX1DqMtZBkrVr9eK2/gqbTkKm/smKcua6/JRYs:4RfU1LerVrg/g7f/smnua6R

    Score
    7/10
    discoveryvmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks