44937a7bedd786951d5675c17a2246ecdc3c6e6f391b2a980f3ec6f01f4225f2 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

zDefend.dll

windows10-2004-x64

8

Sharing

General

Target

zDefend.asi
Size

5.5MB
Sample

221123-mewejahb5y
MD5

fa39d8b3cd9ebe86b0826afdab1d00df
SHA1

5a74b71d6812d0beea5da69d56128cf909027a80
SHA256

44937a7bedd786951d5675c17a2246ecdc3c6e6f391b2a980f3ec6f01f4225f2
SHA512

69f78851fafb129d1a9a161db43aff5745f52bad9e85b47bf6c9475b788db261d8695cadb5503a06b78f1986ce71d150886a45abc149a060932608cf6cf9fcb8
SSDEEP

98304:2y/0XnuVdC9VudXVknlL+ijOEDEe/WxhWHo/FKBKcY18HipEhxAMBUQ:2y/03nudlklLJjOfr+Kj18uEhxAMBU

Score

8^/10

vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

zDefend.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  zDefend.asi
- Size
  
  5.5MB
- MD5
  
  fa39d8b3cd9ebe86b0826afdab1d00df
- SHA1
  
  5a74b71d6812d0beea5da69d56128cf909027a80
- SHA256
  
  44937a7bedd786951d5675c17a2246ecdc3c6e6f391b2a980f3ec6f01f4225f2
- SHA512
  
  69f78851fafb129d1a9a161db43aff5745f52bad9e85b47bf6c9475b788db261d8695cadb5503a06b78f1986ce71d150886a45abc149a060932608cf6cf9fcb8
- SSDEEP
  
  98304:2y/0XnuVdC9VudXVknlL+ijOEDEe/WxhWHo/FKBKcY18HipEhxAMBUQ:2y/03nudlklLJjOfr+Kj18uEhxAMBU
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy