1489da38ac39b2f619b19781832d4e6868c9acb45dd44aa6d8e9bbb14ed2fdc6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

ec041ff5c8...18.exe

windows7-x64

7

ec041ff5c8...18.exe

windows10-2004-x64

7

Sharing

General

Target

ec041ff5c8a027cf300aae7ebd76a52a_JaffaCakes118
Size

334KB
Sample

240919-xx5e9svhpc
MD5

ec041ff5c8a027cf300aae7ebd76a52a
SHA1

3952fe5b61721ce6d29f830f00162967c45e2b6d
SHA256

1489da38ac39b2f619b19781832d4e6868c9acb45dd44aa6d8e9bbb14ed2fdc6
SHA512

abc3d6f54190b75485284ee80083c6f63110ab4d532b4b6dcd5f794795207c8d90504851c2b887aa5338d91120d1bd4754451dbb958d242fd5f36e03a7573665
SSDEEP

6144:dQTSVjee54MOO6NQDSRZ1nw8Guc5FY4n/3xgvc/cWrGJvM6VBZh+N2i9F:aTCje0EQDSRfwDuc5Fdnyv+6VHhXW

Score

7^/10

discovery vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ec041ff5c8a027cf300aae7ebd76a52a_JaffaCakes118.exe

Resource

win7-20240729-en

discovery vmprotect

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ec041ff5c8a027cf300aae7ebd76a52a_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  ec041ff5c8a027cf300aae7ebd76a52a_JaffaCakes118
- Size
  
  334KB
- MD5
  
  ec041ff5c8a027cf300aae7ebd76a52a
- SHA1
  
  3952fe5b61721ce6d29f830f00162967c45e2b6d
- SHA256
  
  1489da38ac39b2f619b19781832d4e6868c9acb45dd44aa6d8e9bbb14ed2fdc6
- SHA512
  
  abc3d6f54190b75485284ee80083c6f63110ab4d532b4b6dcd5f794795207c8d90504851c2b887aa5338d91120d1bd4754451dbb958d242fd5f36e03a7573665
- SSDEEP
  
  6144:dQTSVjee54MOO6NQDSRZ1nw8Guc5FY4n/3xgvc/cWrGJvM6VBZh+N2i9F:aTCje0EQDSRfwDuc5Fdnyv+6VHhXW
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

© 2018-2025

Terms | Privacy