Overview

overview

7

Static

static

7

ea8bdfbb95...18.dll

windows7-x64

7

ea8bdfbb95...18.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea8bdfbb95a10668626b7d64f9059a46_JaffaCakes118

  • Size

    864KB

  • Sample

    240919-eks8cszgkl

  • MD5

    ea8bdfbb95a10668626b7d64f9059a46

  • SHA1

    113f1e1a153bf57c54a4f2a85ffec83452297e5d

  • SHA256

    289dc4845b4e061f3853efb61d4e9645f46d4e64da1f65e14795dfc18873eb5e

  • SHA512

    a172e9d24882cfbccb5eb13573c63c28fb1c7a6d180c8994d811a0b1f0b3794abe6aa9e7b14ef5d27823f3de12c2c4cbc1bb26202cb1bfd770475fddbadbc0a0

  • SSDEEP

    12288:N8xqsDR1uMj0VLpa5cFieDY+fZs6TCl3xY4zgUF9nC/bfChYnhu:NRu0dpPFieDY+Pul3Tm/bfC6no

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      ea8bdfbb95a10668626b7d64f9059a46_JaffaCakes118

    • Size

      864KB

    • MD5

      ea8bdfbb95a10668626b7d64f9059a46

    • SHA1

      113f1e1a153bf57c54a4f2a85ffec83452297e5d

    • SHA256

      289dc4845b4e061f3853efb61d4e9645f46d4e64da1f65e14795dfc18873eb5e

    • SHA512

      a172e9d24882cfbccb5eb13573c63c28fb1c7a6d180c8994d811a0b1f0b3794abe6aa9e7b14ef5d27823f3de12c2c4cbc1bb26202cb1bfd770475fddbadbc0a0

    • SSDEEP

      12288:N8xqsDR1uMj0VLpa5cFieDY+fZs6TCl3xY4zgUF9nC/bfChYnhu:NRu0dpPFieDY+Pul3Tm/bfC6no

    Score
    7/10
    discoveryvmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks