a092eb81a9aeea1c46a026380a0df63093e1716e22167c2d16a8a674a21baa77 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

6f1050255d...18.dll

windows7-x64

7

6f1050255d...18.dll

windows10-2004-x64

7

Sharing

General

Target

6f1050255d2d7e776a4d32dd83e4224b_JaffaCakes118
Size

151KB
Sample

241023-qaqj9stbrm
MD5

6f1050255d2d7e776a4d32dd83e4224b
SHA1

495986579fe084fe643115fd9c7526b3557f4fd2
SHA256

a092eb81a9aeea1c46a026380a0df63093e1716e22167c2d16a8a674a21baa77
SHA512

ef02b226a927064b3d4d7f9f085c81aa827efc82dc6b723cb31755e9a2d3a6baa2ff91694c8e9c4a3169963abed9c12978c2909703925da73dd5bcd42183cdb4
SSDEEP

3072:qKj1t4SD0auLSz9+mp4gRBVI8sQHWaw/IdLhMgtILyd8d9t6NQFTO:qk/4SD0V+9jp4gHrrHWaw/GrTd69tHFq

Score

7^/10

discovery vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6f1050255d2d7e776a4d32dd83e4224b_JaffaCakes118.dll

Resource

win7-20240903-en

discovery vmprotect

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6f1050255d2d7e776a4d32dd83e4224b_JaffaCakes118.dll

Resource

win10v2004-20241007-en

discovery vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  6f1050255d2d7e776a4d32dd83e4224b_JaffaCakes118
- Size
  
  151KB
- MD5
  
  6f1050255d2d7e776a4d32dd83e4224b
- SHA1
  
  495986579fe084fe643115fd9c7526b3557f4fd2
- SHA256
  
  a092eb81a9aeea1c46a026380a0df63093e1716e22167c2d16a8a674a21baa77
- SHA512
  
  ef02b226a927064b3d4d7f9f085c81aa827efc82dc6b723cb31755e9a2d3a6baa2ff91694c8e9c4a3169963abed9c12978c2909703925da73dd5bcd42183cdb4
- SSDEEP
  
  3072:qKj1t4SD0auLSz9+mp4gRBVI8sQHWaw/IdLhMgtILyd8d9t6NQFTO:qk/4SD0V+9jp4gHrrHWaw/GrTd69tHFq
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

© 2018-2024

Terms | Privacy