429c72a0f52413d06c982783b7451f96b03113d22e9fd0b01b827f9acf0e394e | Triage

Submit
Reports

Overview

overview

8

Static

static

7

194b0b4160...18.exe

windows7-x64

8

194b0b4160...18.exe

windows10-2004-x64

8

Sharing

General

Target

194b0b41606fa1401d6cf1f4ac32cd49_JaffaCakes118
Size

409KB
Sample

240628-jc6wpsxglb
MD5

194b0b41606fa1401d6cf1f4ac32cd49
SHA1

d802504579c45d656bab649d359859c6325edc95
SHA256

429c72a0f52413d06c982783b7451f96b03113d22e9fd0b01b827f9acf0e394e
SHA512

6df4499efb3875eb9f9e2aace331b0fd6e4715f5a40f08ab5e5fc0f0f091439f89769f8e04f724d1625b45d410d61b75154a530a7e3ca6eebad8cfb8dd27ce9c
SSDEEP

12288:FiGQKNNyxxNNNehbNeeeMo11eo3bQCnzvB8ksrajMfkKa0Mfgd5YZg3DcrQVAF:FiGQKNNyxxNNNehbNeeeT11eICksWYcL

Score

8^/10

evasion trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

194b0b41606fa1401d6cf1f4ac32cd49_JaffaCakes118.exe

Resource

win7-20240611-en

evasion trojan vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

194b0b41606fa1401d6cf1f4ac32cd49_JaffaCakes118.exe

Resource

win10v2004-20240508-en

evasion trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  194b0b41606fa1401d6cf1f4ac32cd49_JaffaCakes118
- Size
  
  409KB
- MD5
  
  194b0b41606fa1401d6cf1f4ac32cd49
- SHA1
  
  d802504579c45d656bab649d359859c6325edc95
- SHA256
  
  429c72a0f52413d06c982783b7451f96b03113d22e9fd0b01b827f9acf0e394e
- SHA512
  
  6df4499efb3875eb9f9e2aace331b0fd6e4715f5a40f08ab5e5fc0f0f091439f89769f8e04f724d1625b45d410d61b75154a530a7e3ca6eebad8cfb8dd27ce9c
- SSDEEP
  
  12288:FiGQKNNyxxNNNehbNeeeMo11eo3bQCnzvB8ksrajMfkKa0Mfgd5YZg3DcrQVAF:FiGQKNNyxxNNNehbNeeeT11eICksWYcL
Score

8^/10

evasion trojan vmprotect
- Drops file in Drivers directory
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasiontrojanvmprotect

behavioral2

evasiontrojanvmprotect

© 2018-2024

Terms | Privacy