Overview

overview

8

Static

static

8

a03e2529a1...06.exe

windows7-x64

8

a03e2529a1...06.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a03e2529a1b1e714c59ae4467b557140123c6631d8abad89c3eec6f9a4689506

  • Size

    1.8MB

  • Sample

    221123-zexc2sfg6x

  • MD5

    55b9bb60c5b627b87f37cf89893d6412

  • SHA1

    48c004c4f5ca9d22a0c69a22884ce6d9fdb486e5

  • SHA256

    a03e2529a1b1e714c59ae4467b557140123c6631d8abad89c3eec6f9a4689506

  • SHA512

    7a6de61cee3b2fa8526af15fd3acf985c1674a9dcac45f43d57fece3e59be6c2e04f7ca4d19d00bf4a2c30750bec37fd0c3d68ee8fef1385ebcf37adb8f70b2f

  • SSDEEP

    49152:tjKs2rPHwcwUNaBeeSzn610EfuFfMxwg:4s2rPjUTS20V0w

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      a03e2529a1b1e714c59ae4467b557140123c6631d8abad89c3eec6f9a4689506

    • Size

      1.8MB

    • MD5

      55b9bb60c5b627b87f37cf89893d6412

    • SHA1

      48c004c4f5ca9d22a0c69a22884ce6d9fdb486e5

    • SHA256

      a03e2529a1b1e714c59ae4467b557140123c6631d8abad89c3eec6f9a4689506

    • SHA512

      7a6de61cee3b2fa8526af15fd3acf985c1674a9dcac45f43d57fece3e59be6c2e04f7ca4d19d00bf4a2c30750bec37fd0c3d68ee8fef1385ebcf37adb8f70b2f

    • SSDEEP

      49152:tjKs2rPHwcwUNaBeeSzn610EfuFfMxwg:4s2rPjUTS20V0w

    Score
    8/10
    vmprotectpersistence

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks