5e039bf28bdff9b52bce291fd9830125da60d768497254de26bc864b37c29859 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

1bbe827187...18.exe

windows7-x64

8

1bbe827187...18.exe

windows10-2004-x64

8

Sharing

General

Target

1bbe827187c2a8623bcc490953e45ad7_JaffaCakes118
Size

236KB
Sample

240701-t86wpayekh
MD5

1bbe827187c2a8623bcc490953e45ad7
SHA1

0e573433b6eb2f4877b066fd8919d85ca2b1c36d
SHA256

5e039bf28bdff9b52bce291fd9830125da60d768497254de26bc864b37c29859
SHA512

3625f4769f25fb6cd2f11c40f10de7e3d562b3a3f7772668aff01be8f2ec7bb3a0be7e0bdcb25f664c35e4dfcd9fbd722eb0d7354607d45fe2f807e4bbd8b019
SSDEEP

6144:Y96AQGrE9DcQ0i8RfiyG68Sn68KijOkqX6Fbq2TzjDICh:YoAxrE9DcQ6qy38STjO36tjHIC

Score

8^/10

evasion trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1bbe827187c2a8623bcc490953e45ad7_JaffaCakes118.exe

Resource

win7-20240419-en

evasion trojan vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

1bbe827187c2a8623bcc490953e45ad7_JaffaCakes118.exe

Resource

win10v2004-20240611-en

evasion trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  1bbe827187c2a8623bcc490953e45ad7_JaffaCakes118
- Size
  
  236KB
- MD5
  
  1bbe827187c2a8623bcc490953e45ad7
- SHA1
  
  0e573433b6eb2f4877b066fd8919d85ca2b1c36d
- SHA256
  
  5e039bf28bdff9b52bce291fd9830125da60d768497254de26bc864b37c29859
- SHA512
  
  3625f4769f25fb6cd2f11c40f10de7e3d562b3a3f7772668aff01be8f2ec7bb3a0be7e0bdcb25f664c35e4dfcd9fbd722eb0d7354607d45fe2f807e4bbd8b019
- SSDEEP
  
  6144:Y96AQGrE9DcQ0i8RfiyG68Sn68KijOkqX6Fbq2TzjDICh:YoAxrE9DcQ6qy38STjO36tjHIC
Score

8^/10

evasion trojan vmprotect
- Drops file in Drivers directory
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasiontrojanvmprotect

behavioral2

evasiontrojanvmprotect

© 2018-2024

Terms | Privacy