Overview

overview

7

Static

static

3

188799ec4f...18.exe

windows7-x64

7

188799ec4f...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    188799ec4f0a8c652a2cb6e131d45693_JaffaCakes118

  • Size

    869KB

  • Sample

    240628-ddvl6sxelc

  • MD5

    188799ec4f0a8c652a2cb6e131d45693

  • SHA1

    0efe78ef7e0ef58d56461fc89d4d3f28ba53dc50

  • SHA256

    e24a5b91a3375c8fe393aa28e1c5e348799528592b2524173217cdd440e474f9

  • SHA512

    575b1acf498821f8613d1dddf542c5b1c81260fd21e93679a7910fd7dd38b4f418ac5ad6d1f176769ad3daffce509a16bf3c582b32dafe83a869ea252dd454ff

  • SSDEEP

    24576:T/OnVB54JoDARtd1HniRPPgJnn1fGWR6W:rOnVB54JlzrniRPovR/

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      188799ec4f0a8c652a2cb6e131d45693_JaffaCakes118

    • Size

      869KB

    • MD5

      188799ec4f0a8c652a2cb6e131d45693

    • SHA1

      0efe78ef7e0ef58d56461fc89d4d3f28ba53dc50

    • SHA256

      e24a5b91a3375c8fe393aa28e1c5e348799528592b2524173217cdd440e474f9

    • SHA512

      575b1acf498821f8613d1dddf542c5b1c81260fd21e93679a7910fd7dd38b4f418ac5ad6d1f176769ad3daffce509a16bf3c582b32dafe83a869ea252dd454ff

    • SSDEEP

      24576:T/OnVB54JoDARtd1HniRPPgJnn1fGWR6W:rOnVB54JlzrniRPovR/

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks