Overview

overview

8

Static

static

8

97baefd417...f9.dll

windows7-x64

8

97baefd417...f9.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    97baefd417b330aa81c8dfe5087522099bf248287cbac9825b8b90f588881cf9

  • Size

    107KB

  • Sample

    221125-pa9sgafe59

  • MD5

    177a852dc41723876b28dee508a99ee6

  • SHA1

    45e87a13b9894bbfdd1a9d7e34153ce9fe8010a6

  • SHA256

    97baefd417b330aa81c8dfe5087522099bf248287cbac9825b8b90f588881cf9

  • SHA512

    18ee953acad7c6b4e59c7dcddf9711c2688ee8f665610a03434fad15e2758b249f76c0bfc012b0ddf2e9f8b9c528dd98d353afcf4dcde6c4892254af1b21ce8b

  • SSDEEP

    3072:3zKvSm7W7Ju3hrr/OFAS0M+d3ddgS1LkC/NNg:3zKamM8r/OFASl+d3YC/Hg

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      97baefd417b330aa81c8dfe5087522099bf248287cbac9825b8b90f588881cf9

    • Size

      107KB

    • MD5

      177a852dc41723876b28dee508a99ee6

    • SHA1

      45e87a13b9894bbfdd1a9d7e34153ce9fe8010a6

    • SHA256

      97baefd417b330aa81c8dfe5087522099bf248287cbac9825b8b90f588881cf9

    • SHA512

      18ee953acad7c6b4e59c7dcddf9711c2688ee8f665610a03434fad15e2758b249f76c0bfc012b0ddf2e9f8b9c528dd98d353afcf4dcde6c4892254af1b21ce8b

    • SSDEEP

      3072:3zKvSm7W7Ju3hrr/OFAS0M+d3ddgS1LkC/NNg:3zKamM8r/OFASl+d3YC/Hg

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks