Overview

overview

8

Static

static

8

f92e733e2b...7e.exe

windows7-x64

8

f92e733e2b...7e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f92e733e2b8a19c2e0e5cd0e5485667d879e614d900a90c9807453473ec8287e

  • Size

    1.8MB

  • Sample

    221125-phacksbb6y

  • MD5

    f82f32f38ea9cf5f0f6b6d6de69f8c14

  • SHA1

    79501c6b221dd52bf88c0fe4e04ede18d4fea8e9

  • SHA256

    f92e733e2b8a19c2e0e5cd0e5485667d879e614d900a90c9807453473ec8287e

  • SHA512

    9a691fd42d147a0c86b593e3b43619dc267e9ac1f0da6b4398287c3028b2540cbc49a314878ad6acd448c08a47cb66f8900140d9e17bfcec5ff5db892e02e4e1

  • SSDEEP

    24576:uhLw6iRoosSVFx0wOJ8clXQ+nh6RcvVNmAAukBbEE276iRoosSVFx0wOJ8clXQ+H:uhLliG8kvQVQ7AFHiG8kvQVQ7AK

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      f92e733e2b8a19c2e0e5cd0e5485667d879e614d900a90c9807453473ec8287e

    • Size

      1.8MB

    • MD5

      f82f32f38ea9cf5f0f6b6d6de69f8c14

    • SHA1

      79501c6b221dd52bf88c0fe4e04ede18d4fea8e9

    • SHA256

      f92e733e2b8a19c2e0e5cd0e5485667d879e614d900a90c9807453473ec8287e

    • SHA512

      9a691fd42d147a0c86b593e3b43619dc267e9ac1f0da6b4398287c3028b2540cbc49a314878ad6acd448c08a47cb66f8900140d9e17bfcec5ff5db892e02e4e1

    • SSDEEP

      24576:uhLw6iRoosSVFx0wOJ8clXQ+nh6RcvVNmAAukBbEE276iRoosSVFx0wOJ8clXQ+H:uhLliG8kvQVQ7AFHiG8kvQVQ7AK

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks