Overview

overview

7

Static

static

7

198ed15d20...18.exe

windows7-x64

7

198ed15d20...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    198ed15d20f0d64bd9a7383e8508eaa4_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240628-k1622s1emb

  • MD5

    198ed15d20f0d64bd9a7383e8508eaa4

  • SHA1

    6685819491b5b99b28a79a79482d1e6899294cb6

  • SHA256

    021d5f7d81f8cfde810dca7d8fca6befb451305a32a114c840306b2da407d12f

  • SHA512

    c8c0e39a8c733bc333a6a8b38e3483256217708fdd1987d04aef8fbff74f60aea8c56eb7ab9c4067ceea19a11eb8dfbcd9156a9124366ca0944d250649477d1c

  • SSDEEP

    49152:lo8SFasq25kDnChAsm7cdpmAgMdUldZBRlKVPgdQDG8:lovssq2SCusTzBST4tqsd

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      198ed15d20f0d64bd9a7383e8508eaa4_JaffaCakes118

    • Size

      1.9MB

    • MD5

      198ed15d20f0d64bd9a7383e8508eaa4

    • SHA1

      6685819491b5b99b28a79a79482d1e6899294cb6

    • SHA256

      021d5f7d81f8cfde810dca7d8fca6befb451305a32a114c840306b2da407d12f

    • SHA512

      c8c0e39a8c733bc333a6a8b38e3483256217708fdd1987d04aef8fbff74f60aea8c56eb7ab9c4067ceea19a11eb8dfbcd9156a9124366ca0944d250649477d1c

    • SSDEEP

      49152:lo8SFasq25kDnChAsm7cdpmAgMdUldZBRlKVPgdQDG8:lovssq2SCusTzBST4tqsd

    Score
    7/10
    vmprotect

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks