privateloader | ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5 | Triage

Submit
Reports

Overview

overview

Static

static

7

JaffaCakes...b5.exe

windows7-x64

JaffaCakes...b5.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5
Size

652.0MB
Sample

241223-ttn3bsvkfm
MD5

c99c4c3d5514deffea71ee7fd32673ed
SHA1

d5263c86bae0f351a78e0bb2f78e50002104bb62
SHA256

ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5
SHA512

3d8f34c6097bbb2b74259fcfb6af1430467d97be962ce81fd03580482027d95a596b525a2148b562d3db098f3c73f7bd5f43198e7d99bbf23692f597ebd7ed4d
SSDEEP

196608:y55H0eo/kBtjRMOYoJe4yBnvbECfjPMtIi8ZAe:yXUe3oVzBjEOrMtIf

Score

10^/10

privateloader loader vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5.exe

Resource

win7-20240903-en

privateloader loader vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5.exe

Resource

win10v2004-20241007-en

privateloader loader vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5
- Size
  
  652.0MB
- MD5
  
  c99c4c3d5514deffea71ee7fd32673ed
- SHA1
  
  d5263c86bae0f351a78e0bb2f78e50002104bb62
- SHA256
  
  ee1601ec6b9ef7f3b330976020f7850ac37ec2b395d4556a93ec431e1decb5b5
- SHA512
  
  3d8f34c6097bbb2b74259fcfb6af1430467d97be962ce81fd03580482027d95a596b525a2148b562d3db098f3c73f7bd5f43198e7d99bbf23692f597ebd7ed4d
- SSDEEP
  
  196608:y55H0eo/kBtjRMOYoJe4yBnvbECfjPMtIi8ZAe:yXUe3oVzBjEOrMtIf
Score

10^/10

privateloader loader vmprotect
- PrivateLoader
  PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
  loader privateloader
- Privateloader family
  privateloader
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

privateloaderloadervmprotect

behavioral2

privateloaderloadervmprotect

© 2018-2025

Terms | Privacy