5d97127302fd36f004e1a29c4e2cd8583ae6940fe5f16d1c8454885ae288cd8b | Triage

Submit
Reports

Overview

overview

Static

static

8

START_ME.exe

windows7_x64

1

START_ME.exe

windows10_x64

Sharing

General

Target

6040ccde5d8cb56331d3f3c3.zip
Size

5.8MB
Sample

210304-31cq77qcen
MD5

829233c296aa59ff4c2b56018464a6de
SHA1

682ba27aba00f3ab582b6c6a75201f923ce5541a
SHA256

5d97127302fd36f004e1a29c4e2cd8583ae6940fe5f16d1c8454885ae288cd8b
SHA512

71abc041284b8a1696024345953a4eefdd58781fcc0051474947efc1ea2b19698bc97d23d4a68dbfc5102f59f370d0e4c803a3bf5c00a553b0a02b52657724c0

Score

10^/10

vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

START_ME.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

START_ME.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  START_ME.exe
- Size
  
  981KB
- MD5
  
  e3484a2aa73999f679732235728cc7e0
- SHA1
  
  800d1156db2a05ad9856741588cedb6b56185ac3
- SHA256
  
  343a5cbc98aff11e7d0ec6582e953df9bf3f0ecd41bead7365f13a382d64721e
- SHA512
  
  02eaf2e42898430fd08a82bd7c43d297ec188d4d98495c73059923a75c40b58d2a7def37b84e13ac8de8fca88175284121634a71ea187171dbb283dd366dabd9
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy