Overview

overview

8

Static

static

5

b16f8c8df9...a0.exe

windows7-x64

8

b16f8c8df9...a0.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b16f8c8df973e0321862dc75a3c82e4217bb222e18630773203450a988094fa0

  • Size

    2.3MB

  • Sample

    221123-hl6fvshf2x

  • MD5

    31f88d4609daba804c2821a218e2ba06

  • SHA1

    db377f08e0ecdbc8f905897c8cd08e0499b9980d

  • SHA256

    b16f8c8df973e0321862dc75a3c82e4217bb222e18630773203450a988094fa0

  • SHA512

    2da4537a7dfc3b5ae8d6211fd6396f2cac0a400ea559a4d60c7485c473e04b70a9dc9e4119bb72cc97f1798b868d90a6f3cee21e212a295ba95b22c082587acc

  • SSDEEP

    49152:BVg5tQ7afEohj0yW2E42O+PrrSnE83B0vM4j6Pv35:vg5652W2j2xrSnGZ6P

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      b16f8c8df973e0321862dc75a3c82e4217bb222e18630773203450a988094fa0

    • Size

      2.3MB

    • MD5

      31f88d4609daba804c2821a218e2ba06

    • SHA1

      db377f08e0ecdbc8f905897c8cd08e0499b9980d

    • SHA256

      b16f8c8df973e0321862dc75a3c82e4217bb222e18630773203450a988094fa0

    • SHA512

      2da4537a7dfc3b5ae8d6211fd6396f2cac0a400ea559a4d60c7485c473e04b70a9dc9e4119bb72cc97f1798b868d90a6f3cee21e212a295ba95b22c082587acc

    • SSDEEP

      49152:BVg5tQ7afEohj0yW2E42O+PrrSnE83B0vM4j6Pv35:vg5652W2j2xrSnGZ6P

    Score
    8/10
    vmprotect

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks