privateloader | b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2 | Triage

Submit
Reports

Overview

overview

Static

static

7

JaffaCakes...a2.exe

windows7-x64

JaffaCakes...a2.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2
Size

702.0MB
Sample

241229-qtm89asnhy
MD5

49352ed329c86996b5d1ee0a1d2bbfb1
SHA1

46c84bb649cc1021bff016202fdb758a05117cef
SHA256

b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2
SHA512

30d4bc2fae9f06447ff1f95467fe09d206ed6da265e591a698dfe6e4d0c02b6b3758ed0b05cb658bbde55238d77222824b59f477c5435d928cf99499d6624846
SSDEEP

98304:dEI1vrDktAlV4TRkhgFNicA/qFC336qEJVSdNHu1GImorT:d1p3ktUV4ligFfA/qjqqIrj

Score

10^/10

privateloader loader vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2.exe

Resource

win7-20240729-en

privateloader loader vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2.exe

Resource

win10v2004-20241007-en

privateloader loader vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2
- Size
  
  702.0MB
- MD5
  
  49352ed329c86996b5d1ee0a1d2bbfb1
- SHA1
  
  46c84bb649cc1021bff016202fdb758a05117cef
- SHA256
  
  b4acbc40dd3771dba2042ad78841961dc9e41f7a9ec55e0768354004589a5da2
- SHA512
  
  30d4bc2fae9f06447ff1f95467fe09d206ed6da265e591a698dfe6e4d0c02b6b3758ed0b05cb658bbde55238d77222824b59f477c5435d928cf99499d6624846
- SSDEEP
  
  98304:dEI1vrDktAlV4TRkhgFNicA/qFC336qEJVSdNHu1GImorT:d1p3ktUV4ligFfA/qjqqIrj
Score

10^/10

privateloader loader vmprotect
- PrivateLoader
  PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
  loader privateloader
- Privateloader family
  privateloader
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

privateloaderloadervmprotect

behavioral2

privateloaderloadervmprotect

© 2018-2025

Terms | Privacy