ecc3a87bd099d68fc0d32a0f7fe68275791b29c881d4864e4a7c19e6e2d0dc84 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

【咚咚�...��.exe

windows7-x64

8

【咚咚�...��.exe

windows10-2004-x64

8

Sharing

General

Target

ecc3a87bd099d68fc0d32a0f7fe68275791b29c881d4864e4a7c19e6e2d0dc84
Size

2.1MB
Sample

221124-l1jr7aac4t
MD5

b85878ae45c221c6f921976001ba35da
SHA1

d9394a2e7094813a22325b4bbe2f98c7e2b3c198
SHA256

ecc3a87bd099d68fc0d32a0f7fe68275791b29c881d4864e4a7c19e6e2d0dc84
SHA512

af14852031ed90c3e18d0f14a3cdbd7cffc294b0a1c691af121e848990e6c6227bb3a5138a5eabe9499054da9d9c2941bdb0abfa8c28f84d635d2ce4ec7a5eb1
SSDEEP

49152:RqdwPV+KdWnVzGGinbdJS7AWOQLDWSZR8KwFaSTb2:/dtdWVzQZobp+SZeESTb2

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

【咚咚】Q游记1.0版本辅注/【咚咚】Q游记1.0版本辅注.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

【咚咚】Q游记1.0版本辅注/【咚咚】Q游记1.0版本辅注.exe

Resource

win10v2004-20220812-en

persistence vmprotect

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  【咚咚】Q游记1.0版本辅注/【咚咚】Q游记1.0版本辅注.exe
- Size
  
  2.2MB
- MD5
  
  511128c6fe206c3b6bf1fbdbddaab6e8
- SHA1
  
  8983c9d0fb668346af03ff8dd2dc067baf540100
- SHA256
  
  8bd164cbb2f483747ec279577d7190f509858ec6b0d590d91789a1dec3269f23
- SHA512
  
  3aa1b2c332a7e645c7e1ccda24ed2856fefbed0ba1629bebe1ff28b375c7d3908ff2af65e38c85db11adf909829ac3e7cab5bdc02cefabc86857a584aff6e61e
- SSDEEP
  
  49152:cj5ime12WXZluhYH2njFi3bs/XcYODKK5yynEd+t91pvI8S+JxF:c5eZVH2BOmXcYOBwynXX
Score

8^/10

vmprotect persistence
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

persistencevmprotect

© 2018-2024

Terms | Privacy