51754bd6e2e64785843ed197e9c32ade05870d6039465a2d53cd650644e3e8d7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

be10f06fe8...18.exe

windows7-x64

7

be10f06fe8...18.exe

windows10-2004-x64

7

Sharing

General

Target

be10f06fe8f6f3b49b417e2c4e664049_JaffaCakes118
Size

1.4MB
Sample

240824-hdadfszbmk
MD5

be10f06fe8f6f3b49b417e2c4e664049
SHA1

c7fb597c2d443dadf656454c6600d6f1de5ee8be
SHA256

51754bd6e2e64785843ed197e9c32ade05870d6039465a2d53cd650644e3e8d7
SHA512

8e61a183ee73cfdd6222eb8e5b23888f00cb839cf605f41a661d1b0e129d46c462710bdbe5f4d490356337158ba3e02457f60edf0129e23b698d6b74a2e4feac
SSDEEP

24576:80d0DEyu+gPGiKyp/zr3gBCyhUnInrssTW+qenfGP4A0AV2b+31lqsCa:80d0o+geeMgyhgIrTTjFC0W2b+b

Score

7^/10

discovery upx vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

be10f06fe8f6f3b49b417e2c4e664049_JaffaCakes118.exe

Resource

win7-20240704-en

discovery upx vmprotect

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

be10f06fe8f6f3b49b417e2c4e664049_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery upx vmprotect

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  be10f06fe8f6f3b49b417e2c4e664049_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  be10f06fe8f6f3b49b417e2c4e664049
- SHA1
  
  c7fb597c2d443dadf656454c6600d6f1de5ee8be
- SHA256
  
  51754bd6e2e64785843ed197e9c32ade05870d6039465a2d53cd650644e3e8d7
- SHA512
  
  8e61a183ee73cfdd6222eb8e5b23888f00cb839cf605f41a661d1b0e129d46c462710bdbe5f4d490356337158ba3e02457f60edf0129e23b698d6b74a2e4feac
- SSDEEP
  
  24576:80d0DEyu+gPGiKyp/zr3gBCyhUnInrssTW+qenfGP4A0AV2b+31lqsCa:80d0o+geeMgyhgIrTTjFC0W2b+b
Score

7^/10

discovery upx vmprotect
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryupxvmprotect

behavioral2

discoveryupxvmprotect

© 2018-2025

Terms | Privacy