59bc8120f510c6e96a51bfc3af6ef71edf660097f711345746a4e3b17578e4c9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

b5844ec8b0...18.dll

windows7-x64

7

b5844ec8b0...18.dll

windows10-2004-x64

7

Sharing

General

Target

b5844ec8b0d13aa0b3757cab5f8a4234_JaffaCakes118
Size

992KB
Sample

240821-3rbhwsxbjd
MD5

b5844ec8b0d13aa0b3757cab5f8a4234
SHA1

b7e2c872277ccf1d5a3de7dbd822a4cfc9afa70c
SHA256

59bc8120f510c6e96a51bfc3af6ef71edf660097f711345746a4e3b17578e4c9
SHA512

fb7694c4f179d79746c7f23937b74b459e4c5bf923f22ee2f024d07d2676631321b8509ee12c2a2c02be3dcb216dd051b56b67c51e4f13e5f340615ce9cfb126
SSDEEP

24576:kFWv1KaJDrL+EeaWJC7S/akvxJlxVpcTHSvtz3rdXVSf8K:GWvMaFDeaQC7S/akrl7W+vxmUK

Score

7^/10

discovery vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b5844ec8b0d13aa0b3757cab5f8a4234_JaffaCakes118.dll

Resource

win7-20240704-en

discovery vmprotect

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b5844ec8b0d13aa0b3757cab5f8a4234_JaffaCakes118.dll

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  b5844ec8b0d13aa0b3757cab5f8a4234_JaffaCakes118
- Size
  
  992KB
- MD5
  
  b5844ec8b0d13aa0b3757cab5f8a4234
- SHA1
  
  b7e2c872277ccf1d5a3de7dbd822a4cfc9afa70c
- SHA256
  
  59bc8120f510c6e96a51bfc3af6ef71edf660097f711345746a4e3b17578e4c9
- SHA512
  
  fb7694c4f179d79746c7f23937b74b459e4c5bf923f22ee2f024d07d2676631321b8509ee12c2a2c02be3dcb216dd051b56b67c51e4f13e5f340615ce9cfb126
- SSDEEP
  
  24576:kFWv1KaJDrL+EeaWJC7S/akvxJlxVpcTHSvtz3rdXVSf8K:GWvMaFDeaQC7S/akrl7W+vxmUK
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

© 2018-2025

Terms | Privacy