c56d074fcc09b52565e9a09cd73f190376ae552a5e190a4d682b9eeb15d72e43 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

db64e021ee...18.exe

windows7-x64

8

db64e021ee...18.exe

windows10-2004-x64

8

Sharing

General

Target

db64e021eef4e80bf5dc3d105057fdef_JaffaCakes118
Size

432KB
Sample

240911-265jvaycrl
MD5

db64e021eef4e80bf5dc3d105057fdef
SHA1

0e0f5f5fe100daf0688adb0e5659889e0cba2509
SHA256

c56d074fcc09b52565e9a09cd73f190376ae552a5e190a4d682b9eeb15d72e43
SHA512

c432c95459788a1ff1fcde302bad2a923b1c992e472ceddae37eec1ba03a9b676970f3374aab69cbf70b0aad51ee1d4201ce8c5798163ad40d2858267ee16de4
SSDEEP

6144:5/n3dYapfphW6KfghETqJqFjrwK7MYE5W7LPakYxTAPiDwkrpxQVXg:5v6ap664ghfJqFjMnpqLSkIT506kpg

Score

8^/10

discovery evasion trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

db64e021eef4e80bf5dc3d105057fdef_JaffaCakes118.exe

Resource

win7-20240903-en

discovery evasion trojan vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

db64e021eef4e80bf5dc3d105057fdef_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion trojan vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  db64e021eef4e80bf5dc3d105057fdef_JaffaCakes118
- Size
  
  432KB
- MD5
  
  db64e021eef4e80bf5dc3d105057fdef
- SHA1
  
  0e0f5f5fe100daf0688adb0e5659889e0cba2509
- SHA256
  
  c56d074fcc09b52565e9a09cd73f190376ae552a5e190a4d682b9eeb15d72e43
- SHA512
  
  c432c95459788a1ff1fcde302bad2a923b1c992e472ceddae37eec1ba03a9b676970f3374aab69cbf70b0aad51ee1d4201ce8c5798163ad40d2858267ee16de4
- SSDEEP
  
  6144:5/n3dYapfphW6KfghETqJqFjrwK7MYE5W7LPakYxTAPiDwkrpxQVXg:5v6ap664ghfJqFjMnpqLSkIT506kpg
Score

8^/10

discovery evasion trojan vmprotect
- Drops file in Drivers directory
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojanvmprotect

behavioral2

discoveryevasiontrojanvmprotect

© 2018-2025

Terms | Privacy