Overview

overview

7

Static

static

7

1a7a529b67...18.exe

windows7-x64

7

1a7a529b67...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a7a529b672d2d2487e58058145b03ec_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240701-jkcb3ashpp

  • MD5

    1a7a529b672d2d2487e58058145b03ec

  • SHA1

    d5fa4cccb347be0275cb1298255622daaff1431f

  • SHA256

    47cb3620b4a793bfcb4a3fa3a0ea0800515b2c31e0599cb5ea2acc1f4b881da6

  • SHA512

    c5e91bdc5ccc1bda1e8f6f018f7fb8a933ecab90cb9f3cc2dd672b02fbbad4b115fa638b2ee9467300865237e8789c5f0b1c778fe05dae5020e9033fd052cacc

  • SSDEEP

    24576:zAUgy2I8Zl3vtMphbSb6MEW5h3nsoAnHnWy+by0eKMZ6oky:zd9FoWphZMdv3soAHAKKPoD

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      1a7a529b672d2d2487e58058145b03ec_JaffaCakes118

    • Size

      1.1MB

    • MD5

      1a7a529b672d2d2487e58058145b03ec

    • SHA1

      d5fa4cccb347be0275cb1298255622daaff1431f

    • SHA256

      47cb3620b4a793bfcb4a3fa3a0ea0800515b2c31e0599cb5ea2acc1f4b881da6

    • SHA512

      c5e91bdc5ccc1bda1e8f6f018f7fb8a933ecab90cb9f3cc2dd672b02fbbad4b115fa638b2ee9467300865237e8789c5f0b1c778fe05dae5020e9033fd052cacc

    • SSDEEP

      24576:zAUgy2I8Zl3vtMphbSb6MEW5h3nsoAnHnWy+by0eKMZ6oky:zd9FoWphZMdv3soAHAKKPoD

    Score
    7/10
    vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks