Overview

overview

8

Static

static

8

1fa911d80b...49.exe

windows7-x64

8

1fa911d80b...49.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1fa911d80b3ea175e6fb7b83f7d90a2fc9cb97da30bce61e669382b156aba549

  • Size

    2.1MB

  • Sample

    221123-tbr19sgf7t

  • MD5

    6c8f269d834760aaa0f4909c49793345

  • SHA1

    69a436c2018a56b52481d4c425f8476a0812df9a

  • SHA256

    1fa911d80b3ea175e6fb7b83f7d90a2fc9cb97da30bce61e669382b156aba549

  • SHA512

    f7654440847fb584bc6193de3f0a850ace1be96b7ef16035cd490fe472a050e3695a2bcfbf413700d4a73d56eff203dd957d0edbdc0a03ab48be5c87eb065424

  • SSDEEP

    49152:HrRbjeIvM/tlAJfRLGY/kxnmGJNDCGiZF+2P8Sg9TVogr:HfM/tiJfRKY0mGJNDKF+22f

Score
8/10
upxvmprotect

Malware Config

Targets

    • Target

      1fa911d80b3ea175e6fb7b83f7d90a2fc9cb97da30bce61e669382b156aba549

    • Size

      2.1MB

    • MD5

      6c8f269d834760aaa0f4909c49793345

    • SHA1

      69a436c2018a56b52481d4c425f8476a0812df9a

    • SHA256

      1fa911d80b3ea175e6fb7b83f7d90a2fc9cb97da30bce61e669382b156aba549

    • SHA512

      f7654440847fb584bc6193de3f0a850ace1be96b7ef16035cd490fe472a050e3695a2bcfbf413700d4a73d56eff203dd957d0edbdc0a03ab48be5c87eb065424

    • SSDEEP

      49152:HrRbjeIvM/tlAJfRLGY/kxnmGJNDCGiZF+2P8Sg9TVogr:HfM/tiJfRKY0mGJNDKF+22f

    Score
    8/10
    upxvmprotect

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks