Overview

overview

8

Static

static

8

350b8f96d6...da.exe

windows7-x64

8

350b8f96d6...da.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    350b8f96d63f6258919c583985b5a3d603b98859a359e1b3844f928e185e56da

  • Size

    1.4MB

  • Sample

    221123-t16wqaaf9s

  • MD5

    5baa9158268baf72cff4b6680f6b6f15

  • SHA1

    31dc9d7e1b2a40b69973709e14ff96575648915e

  • SHA256

    350b8f96d63f6258919c583985b5a3d603b98859a359e1b3844f928e185e56da

  • SHA512

    cd0fc497ee8632263ed0f54150e766a88109fd5e226c6353b1b478ebc5c7b30a0282cfe4bb8357696c16dec6cada05f287322d4ae720ff88f5e3dbd5b9f506d9

  • SSDEEP

    24576:QlbJbJRM9+zDmidLD8/xK7tHyQNBBeOs/k580WAwY9UymmLU7Gd4E4:Qlb6Im8ogtyQLIB4qTBG2E4

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      350b8f96d63f6258919c583985b5a3d603b98859a359e1b3844f928e185e56da

    • Size

      1.4MB

    • MD5

      5baa9158268baf72cff4b6680f6b6f15

    • SHA1

      31dc9d7e1b2a40b69973709e14ff96575648915e

    • SHA256

      350b8f96d63f6258919c583985b5a3d603b98859a359e1b3844f928e185e56da

    • SHA512

      cd0fc497ee8632263ed0f54150e766a88109fd5e226c6353b1b478ebc5c7b30a0282cfe4bb8357696c16dec6cada05f287322d4ae720ff88f5e3dbd5b9f506d9

    • SSDEEP

      24576:QlbJbJRM9+zDmidLD8/xK7tHyQNBBeOs/k580WAwY9UymmLU7Gd4E4:Qlb6Im8ogtyQLIB4qTBG2E4

    Score
    8/10
    persistencevmprotect

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks