166fd7b7965859e1a19623771f8fee09

General
Target

166fd7b7965859e1a19623771f8fee09

Size

6MB

Sample

211125-t39qdsfgek

Score

8/10

MD5

166fd7b7965859e1a19623771f8fee09

SHA1

f9f9846d360e4439b67090cabb6e729eb089bf81

SHA256

2a0bd6197d381f1e0d5fb74425b6d1c60d9f9b107eef5c91b3a8f7b91114d732

SHA512

e1500d76794971e6e900834d6d47a90ce37f0abf2b341401d7e4aefcf567e87579001ea6bfff1076a5f0ce98f1a63e030c5ccdbabe4acc45fbe4ba29ac3a0fe1

Signatures

  • Downloads MZ/PE file

  • Executes dropped EXE

  • VMProtect packed file

    Description

    Detects executables packed with VMProtect commercial packer.

  • Drops file in System32 directory

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation

Tasks

  • static1: 8/10

  • behavioral1: 8/10

  • behavioral2: 8/10