Overview

overview

8

Static

static

7

1c0225bdf8...18.dll

windows7-x64

8

1c0225bdf8...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c0225bdf8e7c7fc956ab3d212e75c10_JaffaCakes118

  • Size

    524KB

  • Sample

    240701-wt6cqawbpj

  • MD5

    1c0225bdf8e7c7fc956ab3d212e75c10

  • SHA1

    bec5cf0c2ab8802229ef5c27a28f021db3241ff8

  • SHA256

    6fe20ff062b6984db3b53409681f9effd51ba1f8d52583ba932148ebdf753435

  • SHA512

    3b31ede8b4296c7b660fcd9f9aee9480e211bd9e438165888cee3e7e45a286281e46fcfac975a6f5c7051b3b536b8b318331400219a98bb23361366f38d86f95

  • SSDEEP

    12288:P3dia0V/LcQzxKfptPZ8aS833molJV4N5SMsD2Ksy/LWC21W:x0V/LvzwRoSmolJV46MesKLf21W

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      1c0225bdf8e7c7fc956ab3d212e75c10_JaffaCakes118

    • Size

      524KB

    • MD5

      1c0225bdf8e7c7fc956ab3d212e75c10

    • SHA1

      bec5cf0c2ab8802229ef5c27a28f021db3241ff8

    • SHA256

      6fe20ff062b6984db3b53409681f9effd51ba1f8d52583ba932148ebdf753435

    • SHA512

      3b31ede8b4296c7b660fcd9f9aee9480e211bd9e438165888cee3e7e45a286281e46fcfac975a6f5c7051b3b536b8b318331400219a98bb23361366f38d86f95

    • SSDEEP

      12288:P3dia0V/LcQzxKfptPZ8aS833molJV4N5SMsD2Ksy/LWC21W:x0V/LvzwRoSmolJV46MesKLf21W

    Score
    8/10
    vmprotect

    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks