Overview

overview

7

Static

static

7

1986242734...18.exe

windows7-x64

7

1986242734...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1986242734173a6d7faeeae5165e28b5_JaffaCakes118

  • Size

    936KB

  • Sample

    240628-kt2tratelq

  • MD5

    1986242734173a6d7faeeae5165e28b5

  • SHA1

    0091f9bc0cfd99e5cb347c2ebbd4b53dad041b0f

  • SHA256

    583d9ccdc1024490949aed20d307505b17a06d6c54cda4dcf638eee39cee98c7

  • SHA512

    0ea0dfb4547af4bb49234d0c158c0e9c39a7e50c6e07ff87d4f4ed58693d72b801c7cb0a754a624eb53b1120d2087d49d0dd9048ac8810f3cd2d6acc22f5223c

  • SSDEEP

    24576:vt1/nvW3lo7nyBUGtPZyR3xHq/SRhlGw:vt1G1o7wPZyDq/SRrG

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      1986242734173a6d7faeeae5165e28b5_JaffaCakes118

    • Size

      936KB

    • MD5

      1986242734173a6d7faeeae5165e28b5

    • SHA1

      0091f9bc0cfd99e5cb347c2ebbd4b53dad041b0f

    • SHA256

      583d9ccdc1024490949aed20d307505b17a06d6c54cda4dcf638eee39cee98c7

    • SHA512

      0ea0dfb4547af4bb49234d0c158c0e9c39a7e50c6e07ff87d4f4ed58693d72b801c7cb0a754a624eb53b1120d2087d49d0dd9048ac8810f3cd2d6acc22f5223c

    • SSDEEP

      24576:vt1/nvW3lo7nyBUGtPZyR3xHq/SRhlGw:vt1G1o7wPZyDq/SRrG

    Score
    7/10
    vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks