4f7ee2f0b15e8c78849483a2a14bca4037c5b67e3f0759bb687b6af7b148fb5f | Triage

Sharing

General

Target

c4ce00751f365ccc984ff647d8bf0248_JaffaCakes118
Size

11.4MB
Sample

240827-mcwbrawbnc
MD5

c4ce00751f365ccc984ff647d8bf0248
SHA1

1f444c2667dbee0c3689bf10d8036b9d39bc8902
SHA256

4f7ee2f0b15e8c78849483a2a14bca4037c5b67e3f0759bb687b6af7b148fb5f
SHA512

5abf43d1dc7053fe22aaf67b875efdb975ead4b026d3e7ca06b109e9fa183b608ef3c1972853240edb0fb808da4c0c8fe73026a8e9675c59d6719169cd66b04a
SSDEEP

196608:y5qo5E8qC9WTK8nyHVfaiB+ToJBoBcygRxWP7pquLisQjW1z/o:eNu+j1GTkoBgyDkxl

Score

7^/10

discovery vmprotect

Malware Config

Targets

- Target
  
  12.dll
- Size
  
  10.0MB
- MD5
  
  11ebde98977096e8eb8c62c55fb716d0
- SHA1
  
  7f1e39aeac561703737615e99ef1b6d3aa082bdd
- SHA256
  
  91e8b257c5403fa292f6e9e85591a7ffb642182cd7350c0087dce4b473732b1f
- SHA512
  
  cc288e9564e71bd0ca70256a7fc3340b8834270edb800ab2af82eee678d60cb957aa4711c40d92fbb2df6716ef06b2a109047adbb0c16992c01a775b42b316d5
- SSDEEP
  
  196608:rhJMCLOpcyYBEBtrkmBUTKt7yBuYoRxQF750UU7o/Jt:rLMzpcylnKTcyBC0pWUU
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2
- Target
  
  exe.png
- Size
  
  872KB
- MD5
  
  c56b5f0201a3b3de53e561fe76912bfd
- SHA1
  
  2a4062e10a5de813f5688221dbeb3f3ff33eb417
- SHA256
  
  237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
- SHA512
  
  195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
- SSDEEP
  
  12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  libeay32.dll
- Size
  
  1.3MB
- MD5
  
  905ed724736240737ef98e62917a3bc7
- SHA1
  
  c6382c38a48231d73985183b4cdfc034c621ad4e
- SHA256
  
  963b313eb11d5ea78d9d5f4e03df9265e472db892a4b406ee73f0216fd4d6f38
- SHA512
  
  74ece6db443ddfd0d316b4a94f7cb99281907a3927087b55d527fb3f84d857fdd00dd164453e3bb58babc37d54a38e8d37f13ff211ac2d2ad55fa4792e06362f
- SSDEEP
  
  24576:xfup+KpPAxA6lwmGKcF6pjM+vduFpoyJQb1QA9:EoymGKcF6pj1uFpoyJQb1QA9
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  sql.png
- Size
  
  849KB
- MD5
  
  87f9e5a6318ac1ec5ee05aa94a919d7a
- SHA1
  
  7a9956e8de89603dba99772da29493d3fd0fe37d
- SHA256
  
  7705b87603e0d772e1753441001fcf1ac2643ee41bf14a8177de2c056628665c
- SHA512
  
  c45c03176142918e34f746711e83384572bd6a8ed0a005600aa4a18cf22eade06c76eda190b37db49ec1971c4649e086affd19eee108c5f405df27c0c8cb23d2
- SSDEEP
  
  24576:sBEJPplYq6r/6hllzJ6Ic01re2g+b60/17:s6JPIiDJJ6Ic0JTgZo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  ssleay32.dll
- Size
  
  349KB
- MD5
  
  cf2c57dda3766c204c398430da23693d
- SHA1
  
  9938cbf4b5e7cffa0d73825a6ef85b0d90a0ce0a
- SHA256
  
  492f045643354c8b9fa11673b6c32cdbb33779826a729ce55de5901279c1f6d5
- SHA512
  
  e83e33b5bc9161351daaaae8e9130d83568d85b4a4ab190730e9558ddad199091f5b3acb3e1060dad5ec840a74f8b6781a086f49b7a1ecb6f82fc1cc265c536a
- SSDEEP
  
  6144:VaMcchXvecgMuZESAp8EQS59KrZ6K8KzNvNq4O7D9kU+yQ/ACLO6B5dMeYjByVFI:Va8XvecgMuZESAp85S59KrL8KzNFqx7x
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10