5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

5931586e55...83.exe

windows7-x64

8

5931586e55...83.exe

windows10-2004-x64

8

Sharing

General

Target

5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583
Size

2.4MB
Sample

221123-s5w2msdb42
MD5

b242e4b930901e8e0db343ecf54ab247
SHA1

3485907c13ca9327578f0699de3f4447c650606e
SHA256

5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583
SHA512

5db51fde7cfc314ca081c5a9286c970481344460728061c637819f70f6ad19c277e4bff33704810d362c588fcb653d97aa674d1d4d1998a836fbb43b5c1d1478
SSDEEP

49152:xXv8RfxPn+Cy5nmyy90FJmVxpTZl6MfMf4AUf9UTKsNitrbzrdi:qRfxNy5myNYTTZU74Z6vNit/zrd

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583.exe

Resource

win7-20220812-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583.exe

Resource

win10v2004-20220812-en

persistence vmprotect

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583
- Size
  
  2.4MB
- MD5
  
  b242e4b930901e8e0db343ecf54ab247
- SHA1
  
  3485907c13ca9327578f0699de3f4447c650606e
- SHA256
  
  5931586e55dea4f8f85a1767d90a8ed56afec3d04413573c85f32c2d10c14583
- SHA512
  
  5db51fde7cfc314ca081c5a9286c970481344460728061c637819f70f6ad19c277e4bff33704810d362c588fcb653d97aa674d1d4d1998a836fbb43b5c1d1478
- SSDEEP
  
  49152:xXv8RfxPn+Cy5nmyy90FJmVxpTZl6MfMf4AUf9UTKsNitrbzrdi:qRfxNy5myNYTTZU74Z6vNit/zrd
Score

8^/10

vmprotect persistence
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

persistencevmprotect

© 2018-2024

Terms | Privacy