Overview

overview

8

Static

static

8

2ca139c675...7a.exe

windows7-x64

8

2ca139c675...7a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ca139c675c82f4697fb5a80ed62d257a48b1af9e3a88e40ae42ae412f30727a

  • Size

    376KB

  • Sample

    221123-v6awxaba52

  • MD5

    685493b4cebf734897b281dcb20dee32

  • SHA1

    52c15a43515692eb9c707479429c07058d4b49be

  • SHA256

    2ca139c675c82f4697fb5a80ed62d257a48b1af9e3a88e40ae42ae412f30727a

  • SHA512

    e40378129f2952b5b7145a78928696568e3631b0965c412c2e290caa8194c02c3c8d1f71c63ea4e0c871464bbe20146ad88e338a4b4e591c6a519bb790dba1ea

  • SSDEEP

    6144:BSmPzsGUWC7bZfxJDAfe99lUsfByNBPkgsfUJYOUdez47PgtNr6iZQ6MrR5cUN83:BSmrtYZfxJDAfe93vfBSFkW2ukwN6yAq

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      2ca139c675c82f4697fb5a80ed62d257a48b1af9e3a88e40ae42ae412f30727a

    • Size

      376KB

    • MD5

      685493b4cebf734897b281dcb20dee32

    • SHA1

      52c15a43515692eb9c707479429c07058d4b49be

    • SHA256

      2ca139c675c82f4697fb5a80ed62d257a48b1af9e3a88e40ae42ae412f30727a

    • SHA512

      e40378129f2952b5b7145a78928696568e3631b0965c412c2e290caa8194c02c3c8d1f71c63ea4e0c871464bbe20146ad88e338a4b4e591c6a519bb790dba1ea

    • SSDEEP

      6144:BSmPzsGUWC7bZfxJDAfe99lUsfByNBPkgsfUJYOUdez47PgtNr6iZQ6MrR5cUN83:BSmrtYZfxJDAfe93vfBSFkW2ukwN6yAq

    Score
    8/10
    vmprotectpersistence

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks